CVE 9.6 CRITICAL

CVE-2026-35906_CVE-2026-35906

June 4, 2026 invoker category_cve
9.6 / 10
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Description

An undocumented debug CGI endpoint in T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03 allows unauthenticated attackers to execute arbitrary system commands as root via supplying a crafted HTTP query string.

AI Analysis

Undocumented debug CGI endpoint allows unauthenticated attackers to execute arbitrary system commands as root

Basic Information

ID CVE-2026-35906
Source mitre
Published Jun 4, 2026 at 00:00
Modified Jun 4, 2026 at 14:54

Affected Product

Vendor T3 Technology
Product T625Pro, T6825G
Version v1.0.07, v1.0.03
Affected Versions n/a n/a n/a

CWE Classification

CWE-78

AI Assessment

AI Score 9.6 / 10
AI Severity Critical
Vendor T3 Technology
Product T625Pro, T6825G
Version v1.0.07, v1.0.03

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.