PT-2026-44765 · Mediatek · Mtk Dut

Rethesis

·

Published

2026-05-29

·

Updated

2026-06-08

·

CVE-2026-49195

CVSS v3.1

8.8

High

VectorAV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions The product name cannot be determined (affected versions not specified)
Description An unauthenticated debug service is exposed on TCP port 9000. This allows a LAN-based attacker to execute arbitrary UCC commands via the '/sbin/mtk dut' binary.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Missing Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-49195

Affected Products

Mtk Dut