CVE-2026-24789

Name of the Vulnerable Software and Affected Versions Affected versions not specified

Description An unprotected API endpoint allows an attacker to remotely change the device password without providing authentication. The vulnerable API endpoint is exposed without requiring any form of authentication, enabling unauthorized password modifications. The password can be changed remotely via the API.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.