CVE-2026-27850 — HIGH (7.5)

Vulnerability Description

Due to an improperly configured firewall rule, the router will accept any connection on the WAN port with the source port 5222, exposing all services which are normally only accessible through the local network. This issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

References

https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2025-014.t

FAQ

What is CVE-2026-27850?

CVE-2026-27850 is a vulnerability with a CVSS score of 7.5 (HIGH). Due to an improperly configured firewall rule, the router will accept any connection on the WAN port with the source port 5222, exposing all services which are normally only accessible through the loc...

How severe is CVE-2026-27850?

CVE-2026-27850 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2026-27850?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.