Review
Netis System
CVE published 2026-05-27
CVE-2026-36538
CVE-2026-36538 documents a hard-coded root credential vulnerability in the Netis AC1200 Router (model NC21) running firmware version V4.0.1.4296. The root account password is set to the trivial value 'root' and stored in /etc/shadow.sample, enabling any attacker with device access to authenticate as root and obtain full operating system control. This represents a critical authentication bypass weakness wh [truncated]