CVE 9.8 CRITICAL

CVE-2026-35904_CVE-2026-35904

June 8, 2026 invoker category_cve

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

Incorrect access control in the web management interface of T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03, and T7281 v1.0.03 allows unauthorized attackers to enable the Telnet service via sending a crafted request to a vulnerable CGI component.

AI Analysis

Incorrect access control vulnerability in T3 Technology CPE models allowing unauthorized Telnet service enablement

Basic Information

ID CVE-2026-35904

Source mitre

Published Jun 4, 2026 at 00:00

Modified Jun 8, 2026 at 13:51

Affected Product

Vendor T3 Technology

Product T3 Technology CPE

Version T625Pro v1.0.07, T6825G v1.0.03, T7281 v1.0.03

Affected Versions n/a n/a n/a

CWE Classification

CWE-284

AI Assessment

AI Score 9.8 / 10

AI Severity Critical

Vendor T3 Technology

Product T3 Technology CPE

Version T625Pro v1.0.07, T6825G v1.0.03, T7281 v1.0.03

References

{
    "lastseen": "",
    "description": "Incorrect access control in the web management interface of T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03, and T7281 v1.0.03 allows unauthorized attackers to enable the Telnet service via sending a crafted request to a vulnerable CGI component.",
    "published": "2026-06-04T00:00:00.000Z",
    "modified": "2026-06-08T13:51:48.841Z",
    "type": "cve",
    "title": "CVE-2026-35904",
    "source": "mitre",
    "references": "https://www.ncsa.or.th\nhttps://t3techgroup.com\nhttps://www.true.th/\nhttps://github.com/PwnOnu/T3-Technology-CPE-Advisories/blob/main/CVE-2026-35904.md",
    "id": "CVE-2026-35904",
    "bulletinFamily": "",
    "cwe": [
        "CWE-284"
    ],
    "cvelist": null,
    "sourceData": "n/a n/a n/a",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "T3 Technology CPE",
    "version": "T625Pro v1.0.07, T6825G v1.0.03, T7281 v1.0.03",
    "vendor": "T3 Technology",
    "ai_description": "Incorrect access control vulnerability in T3 Technology CPE models allowing unauthorized Telnet service enablement",
    "ai_severity": "Critical",
    "ai_vendor": "T3 Technology",
    "ai_product": "T3 Technology CPE",
    "ai_version": "T625Pro v1.0.07, T6825G v1.0.03, T7281 v1.0.03",
    "ai_score": 9.8
}

💭 Join the Security Discussion ❌ Cancel Reply