CVE-2026-36610: n/a
Mercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909 transmits DDNS credentials over plaintext HTTP with only Base64 encoding. The firmware contains no TLS implementation, allowing man-in-the-middle interception of DDNS service credentials.
AI Analysis
Technical Summary
CVE-2026-36610 identifies a vulnerability in Mercusys AC12G (EU) V1 router firmware AC12G(EU)_V1_200909 where DDNS credentials are sent over unencrypted HTTP with only Base64 encoding. The absence of TLS means that these credentials can be intercepted by attackers positioned on the network path, enabling credential disclosure. The vulnerability affects the firmware's DDNS service communication and does not currently have an official remediation or patch. There is no CVSS score assigned, and no known exploits in the wild have been reported.
Potential Impact
The vulnerability allows an attacker with network access to intercept DDNS service credentials due to transmission over plaintext HTTP with only Base64 encoding. This compromises the confidentiality of DDNS credentials, potentially enabling unauthorized access or manipulation of DDNS settings. No further impact details or exploitation reports are available.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should avoid using the affected firmware version or consider disabling DDNS functionality if possible. Network-level protections such as using trusted networks or VPNs may reduce exposure but do not fully mitigate the vulnerability.
CVE-2026-36610: n/a
Description
Mercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909 transmits DDNS credentials over plaintext HTTP with only Base64 encoding. The firmware contains no TLS implementation, allowing man-in-the-middle interception of DDNS service credentials.
CVSS v3.1
Score 5.9medium
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-36610 identifies a vulnerability in Mercusys AC12G (EU) V1 router firmware AC12G(EU)_V1_200909 where DDNS credentials are sent over unencrypted HTTP with only Base64 encoding. The absence of TLS means that these credentials can be intercepted by attackers positioned on the network path, enabling credential disclosure. The vulnerability affects the firmware's DDNS service communication and does not currently have an official remediation or patch. There is no CVSS score assigned, and no known exploits in the wild have been reported.
Potential Impact
The vulnerability allows an attacker with network access to intercept DDNS service credentials due to transmission over plaintext HTTP with only Base64 encoding. This compromises the confidentiality of DDNS credentials, potentially enabling unauthorized access or manipulation of DDNS settings. No further impact details or exploitation reports are available.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should avoid using the affected firmware version or consider disabling DDNS functionality if possible. Network-level protections such as using trusted networks or VPNs may reduce exposure but do not fully mitigate the vulnerability.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- mitre
- Date Reserved
- 2026-04-06T00:00:00.000Z
- Cvss Version
- null
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a20657ce29bf47b50d41008
Added to database: 6/3/2026, 5:33:48 PM
Last enriched: 6/3/2026, 5:49:11 PM
Last updated: 6/4/2026, 6:24:21 AM
Views: 13
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.