CVE 8.7 HIGH

Elevated Root Command Execution via ai_cmd Sockets_CVE-2026-49188

June 4, 2026 invoker category_cve

8.7 / 10

HIGH

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

The ai_cmd utility executes with full root permissions. It pipes socket inputs directly to popen(), paving the way for unauthenticated users to execute arbitrary root commands.

AI Analysis

Unauthenticated users can execute arbitrary root commands via the ai_cmd utility due to its execution with full root permissions and piping of socket inputs directly to popen().

Basic Information

ID CVE-2026-49188

Source Acer

Published Jun 4, 2026 at 04:08

Affected Product

Vendor Acer

Product Connect M6E 5G Portable WiFi Router

Version *

Affected Versions Acer Connect M6E 5G Portable WiFi Router *

CWE Classification

CWE-489

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor Acer

Product Connect M6E 5G Portable WiFi Router

Version *

References

community.acer.com /en/kb/articles/19707

{
    "lastseen": "",
    "description": "The ai_cmd utility executes with full root permissions. It pipes socket inputs directly to popen(), paving the way for unauthenticated users to execute arbitrary root commands.",
    "published": "2026-06-04T04:08:08.913Z",
    "modified": "2026-06-04T04:08:08.913Z",
    "type": "cve",
    "title": "Elevated Root Command Execution via ai_cmd Sockets",
    "source": "Acer",
    "references": "https://community.acer.com/en/kb/articles/19707",
    "id": "CVE-2026-49188",
    "bulletinFamily": "",
    "cwe": [
        "CWE-489"
    ],
    "cvelist": null,
    "sourceData": "Acer Connect M6E 5G Portable WiFi Router *",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Connect M6E 5G Portable WiFi Router",
    "version": "*",
    "vendor": "Acer",
    "ai_description": "Unauthenticated users can execute arbitrary root commands via the ai_cmd utility due to its execution with full root permissions and piping of socket inputs directly to popen().",
    "ai_severity": "High",
    "ai_vendor": "Acer",
    "ai_product": "Connect M6E 5G Portable WiFi Router",
    "ai_version": "*",
    "ai_score": 8.7
}

💭 Join the Security Discussion ❌ Cancel Reply