CVE-2026-35906 is a critical vulnerability in T3 Technology CPE models T625Pro v1.0.07 and T6825G v1.0.03. An undocumented debug CGI endpoint allows unauthenticated attackers to execute arbitrary system commands as root via a crafted HTTP query string. This vulnerability has a CVSS score of 9.6 and is considered CRITICAL.
A critical vulnerability was discovered in T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03, and T7281 v1.0.03. The vulnerability is caused by a hardcoded password for root access under the 'superadmin' account, allowing attackers to gain unauthorized access to the system. The vulnerability has a CVSS score of 9.8 and is classified as CRITICAL.
