PatchSiren

NetComm Wireless Pty Ltd CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

CRITICAL NetComm Wireless Pty Ltd CVE published 2026-06-23

CVE-2026-35019

CVE-2026-35019 is a critical authentication bypass vulnerability affecting NetComm NF20MESH routers with firmware R6B031 and earlier. The vulnerability stems from a hardcoded AES-256 key used to encrypt session cookies for the web management interface. This allows unauthenticated attackers to forge valid encrypted session cookies and bypass authentication checks, gaining full administrative control of the [truncated]