CVE-2026-26048
published 2026-02-20CVE-2026-26048: The Wi-Fi router is vulnerable to de-authentication attacks due to the absence of management frame protection, allowing forged deauthentication and…
PriorityP345high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EPSS
0.26%
17.2th percentile
The Wi-Fi router is vulnerable to de-authentication attacks due to the
absence of management frame protection, allowing forged deauthentication
and disassociation frames to be broadcast without authentication or
encryption. An attacker can use this to cause unauthorized disruptions
and create a denial-of-service condition.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jinan_usr_iot_technology_limited | usr-w610 | <= 3.1.1.0 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-3vr9-ghwq-fh8h: The Wi-Fi router is vulnerable to de-authentication attacks due to the
absence of management frame protection, allowing forged deauthentication
and di
ghsa_unreviewed·2026-02-20
CVE-2026-26048 [HIGH] CWE-306 GHSA-3vr9-ghwq-fh8h: The Wi-Fi router is vulnerable to de-authentication attacks due to the
absence of management frame protection, allowing forged deauthentication
and di
The Wi-Fi router is vulnerable to de-authentication attacks due to the
absence of management frame protection, allowing forged deauthentication
and disassociation frames to be broadcast without authentication or
encryption. An attacker can use this to cause unauthorized disruptions
and create a denial-of-service condition.
CISA ICS
Jinan USR IOT Technology Limited (PUSR) USR-W610
cisa_ics·2026-02-19·CVSS 7.5
[HIGH] Jinan USR IOT Technology Limited (PUSR) USR-W610
ICS Advisory
##
Jinan USR IOT Technology Limited (PUSR) USR-W610
Release DateFebruary 19, 2026
Alert CodeICSA-26-050-03
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
View CSAF
## Summary
Successful exploitation of these vulnerabilities could result in authentication being disabled, a denial-of-service condition, or an attacker stealing valid user credentials, including administrator credentials.
The following versions of Jinan USR IOT Technology Limited (PUSR) USR-W610 are affected:
- USR-W610 <=3.1.1.0 (CVE-2026-25715, CVE-2026-24455, CVE-2026-26049, CVE-2026-26048)
CVSS
Vendor
Equipment
Vulnerabilities
| v3 9.8
| Jinan USR IOT Technology Limited (PUSR)
| Jinan USR IOT Technology Limited (PUSR) USR-W610
| Weak Pass
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-02-20
Published