CVE 8.7 HIGH

Bulk User Private Data Harvesting_CVE-2026-50213

June 4, 2026 invoker category_cve

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Description

The account validation endpoint /v1/User/validate returns comprehensive user profile data sheets, which can be crawled by iterating predictable identification strings.

AI Analysis

Acer Connect M6E 5G Portable WiFi Router is vulnerable to bulk user private data harvesting due to an insecure account validation endpoint.

Basic Information

ID CVE-2026-50213

Source Acer

Published Jun 4, 2026 at 07:39

Affected Product

Vendor Acer

Product Connect M6E 5G Portable WiFi Router

Version *

Affected Versions Acer Connect M6E 5G Portable WiFi Router *

CWE Classification

CWE-798

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor Acer

Product Connect M6E 5G Portable WiFi Router

Version *

References

community.acer.com /en/kb/articles/19707

{
    "lastseen": "",
    "description": "The account validation endpoint /v1/User/validate returns comprehensive user profile data sheets, which can be crawled by iterating predictable identification strings.",
    "published": "2026-06-04T07:39:21.829Z",
    "modified": "2026-06-04T07:39:21.829Z",
    "type": "cve",
    "title": "Bulk User Private Data Harvesting",
    "source": "Acer",
    "references": "https://community.acer.com/en/kb/articles/19707",
    "id": "CVE-2026-50213",
    "bulletinFamily": "",
    "cwe": [
        "CWE-798"
    ],
    "cvelist": null,
    "sourceData": "Acer Connect M6E 5G Portable WiFi Router *",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Connect M6E 5G Portable WiFi Router",
    "version": "*",
    "vendor": "Acer",
    "ai_description": "Acer Connect M6E 5G Portable WiFi Router is vulnerable to bulk user private data harvesting due to an insecure account validation endpoint.",
    "ai_severity": "High",
    "ai_vendor": "Acer",
    "ai_product": "Connect M6E 5G Portable WiFi Router",
    "ai_version": "*",
    "ai_score": 8.7
}

💭 Join the Security Discussion ❌ Cancel Reply