Acer has confirmed that it’s working to address two maximum-severity zero-day vulnerabilities affecting its Wave 7 mesh routers.
The two security flaws, reported by security researcher Gergo Pap, affect Wave 7 routers running firmware version T7c_GBL_1.01.000055 and earlier, according to Friday’s security advisory.
The first zero-day is a broken access control vulnerability tracked as CVE-2026-49200 that could allow an unauthenticated attacker to remotely access cleartext credentials stored in log files.
“The acer_cgi.log file positioned within the system’s firmware may be accessed by the net interface without authentication. This file comprises clear-text login credentials (for internet and Telnet), resulting in unauthorized system entry,” Acer explained.
The second (CVE-2026-49201) is due to a hardcoded encryption key that allows an unprivileged remote attacker to gain persistent backdoor access to the router.
“The add.cgi binary accountable for system backup processing comprises a hardcoded AES encryption key,” the company added. “This permits attackers to decrypt, modify, and re-encrypt system backups, facilitating persistent backdoor injection.”
Security patches for these two flaws are not yet available, but Acer says it’s working on fixes and expects them to be released by the end of this month.
“The above vulnerabilities will likely be resolved in a future firmware update. Focused fixes are anticipated to be deployed by the end of June 2026.”
The company also “strongly recommended” that all users follow the steps below to update their device’s firmware after a security update is issued.
- Connect your computer to your Acer Wave 7 router via Wi-Fi or an Ethernet cable.
- Open a web browser and go to the router administration console (http://192.168.76.1 or http://acerconnect.com).
- Log in using administrator credentials.
- Go to system administration, then select Firmware update.
- Select Check for Updates.
To reduce the risk of attack until a patch is available, Acer customers are encouraged to disable remote administration or, if the firmware allows it, to restrict remote Internet access to trusted IP addresses only.

