PatchSiren cyber security CVE debrief
CVE-2026-50225 Acer CVE debrief
CVE-2026-50225 is a HIGH severity vulnerability with a CVSS score of 8.8. The vulnerability exists in the registration path /v1/account/register, which provides no bot mitigation mechanisms, allowing malicious automated systems to flood the database. The vulnerability was published on [cvePublishedAt]2026-06-04T10:16:40.123Z[/cvePublishedAt] and modified on [cveModifiedAt]2026-06-08T12:58:13.150Z[/cveModifiedAt].
- Vendor
- Acer
- Product
- Connect M6E 5G Portable WiFi Router
- CVSS
- HIGH 8.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-04
- Original CVE updated
- 2026-06-08
- Advisory published
- 2026-06-04
- Advisory updated
- 2026-06-08
Who should care
This vulnerability affects Acer Connect M6E 5G firmware. Users of this product should review the vendor advisory for mitigation strategies.
Technical summary
The vulnerability is caused by the lack of bot mitigation mechanisms in the registration path /v1/account/register. This allows malicious automated systems to flood the database.
Defensive priority
HIGH
Recommended defensive actions
- Review and apply the vendor advisory for mitigation strategies. [ref-4]
Evidence notes
The vulnerability has been analyzed and has a CVSS vector of CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X.
Official resources
-
CVE-2026-50225 CVE record
CVE.org
-
CVE-2026-50225 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
8fc372e3-d9c5-46e4-9410-38469745c639 - Mitigation, Vendor Advisory
This debrief was generated based on publicly available information and is intended for informational purposes only.