Jinan USR IOT Technology Limited (PUSR) USR-W610 Missing Authentication for...

7.5 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Description

The Wi-Fi router is vulnerable to de-authentication attacks due to the
absence of management frame protection, allowing forged deauthentication
and disassociation frames to be broadcast without authentication or
encryption. An attacker can use this to cause unauthorized disruptions
and create a denial-of-service condition.

Basic Information

ID CVE-2026-26048

Source icscert

Published Feb 20, 2026 at 16:06

Affected Product

Vendor Jinan USR IOT Technology Limited (PUSR)

Product USR-W610

Affected Versions Jinan USR IOT Technology Limited (PUSR) USR-W610 0

CWE Classification

CWE-306

References

{
    "lastseen": "",
    "description": "The Wi-Fi router is vulnerable to de-authentication attacks due to the \nabsence of management frame protection, allowing forged deauthentication\n and disassociation frames to be broadcast without authentication or \nencryption. An attacker can use this to cause unauthorized disruptions \nand create a denial-of-service condition.",
    "published": "2026-02-20T16:06:17.626Z",
    "modified": "2026-02-20T16:06:17.626Z",
    "type": "cve",
    "title": "Jinan USR IOT Technology Limited (PUSR) USR-W610 Missing Authentication for Critical Function",
    "source": "icscert",
    "references": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-050-03\nhttps://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-050-03.json",
    "id": "CVE-2026-26048",
    "bulletinFamily": "",
    "cwe": [
        "CWE-306"
    ],
    "cvelist": null,
    "sourceData": "Jinan USR IOT Technology Limited (PUSR) USR-W610 0",
    "sourceHref": "",
    "cvss": {
        "score": 7.5,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "USR-W610",
    "version": "0",
    "vendor": "Jinan USR IOT Technology Limited (PUSR)",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Jinan USR IOT Technology Limited (PUSR) USR-W610 Missing Authentication for Critical Function_CVE-2026-26048