Vulnerability Description
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in EFM-Networks, Inc. IpTIME T5008, EFM-Networks, Inc. IpTIME AX2004M, EFM-Networks, Inc. IpTIME AX3000Q, EFM-Networks, Inc. IpTIME AX6000M allows Authentication Bypass.This issue affects ipTIME T5008: through 15.26.8; ipTIME AX2004M: through 15.26.8; ipTIME AX3000Q: through 15.26.8; ipTIME AX6000M: through 15.26.8.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Iptime | T5008 Firmware | < 15.27.2 |
| Iptime | T5008 | - |
| Iptime | Ax2004M Firmware | < 15.27.2 |
| Iptime | Ax2004M | - |
| Iptime | Ax3000Q Firmware | < 15.27.2 |
| Iptime | Ax3000Q | - |
| Iptime | Ax6000M Firmware | < 15.27.2 |
| Iptime | Ax6000M | - |
Related Weaknesses (CWE)
References
- https://iptime.com/iptime/?page_id=126&dffid=1&dfsid=15&dftid=589&uid=26901&mod=Release Notes
- https://www.boho.or.kr/kr/bbs/view.do?searchCnd=&bbsId=B0000302&searchWrd=&menuNThird Party Advisory
FAQ
What is CVE-2026-24498?
CVE-2026-24498 is a vulnerability with a CVSS score of 7.5 (HIGH). Exposure of Sensitive Information to an Unauthorized Actor vulnerability in EFM-Networks, Inc. IpTIME T5008, EFM-Networks, Inc. IpTIME AX2004M, EFM-Networks, Inc. IpTIME AX3000Q, EFM-Networks, Inc. Ip...
How severe is CVE-2026-24498?
CVE-2026-24498 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-24498?
Check the references section above for vendor advisories and patch information. Affected products include: Iptime T5008 Firmware, Iptime T5008, Iptime Ax2004M Firmware, Iptime Ax2004M, Iptime Ax3000Q Firmware.