CVE-2026-50099
published 2026-06-12CVE-2026-50099: During WiFi association, Naxclow device firmware prints the host network’s SSID, PSK, and negotiated WPA keys in cleartext to an exposed UART console on…
PriorityP427medium4.6CVSS 3.1
AVPACLPRNUINSUCHINAN
EPSS
0.17%
6.7th percentile
During WiFi association, Naxclow device firmware prints the host network’s SSID, PSK, and negotiated WPA keys in cleartext to an exposed UART console on production hardware. The UART pads are labeled, run with default serial settings, and drop to an interactive RT-Thread shell that permits arbitrary memory reads, enabling full firmware extraction. An attacker with brief physical access, common for outdoor-mounted devices, can therefore recover WiFi credentials and bootstrap firmware-side attacks.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| naxclow | ix_cam | — | — |
| naxclow | smart_doorbell_x3 | — | — |
| naxclow | v720 | — | — |
| naxclow | x_smart_home | — | — |
CVSS provenance
nvdv3.14.6MEDIUMCVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv4.05.1MEDIUMCVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Naxclow Smart Doorbell X3/X Smart Home/V720/ix cam Setting file information disclosure (icsa-26-162-02 / EUVD-2026-36538)
vuldb·2026-06-12·CVSS 4.6
CVE-2026-50099 [MEDIUM] Naxclow Smart Doorbell X3/X Smart Home/V720/ix cam Setting file information disclosure (icsa-26-162-02 / EUVD-2026-36538)
A vulnerability was found in Naxclow Smart Doorbell X3, X Smart Home, V720 and ix cam. It has been classified as problematic. Affected by this vulnerability is an unknown functionality of the component Setting Handler. This manipulation causes file and directory information exposure.
This vulnerability is handled as CVE-2026-50099. It is feasible to perform the attack on the physical device. There is not any exploit available.
GHSA
During WiFi association, Naxclow device firmware prints the host network’s SSID, PSK, and negotiated WPA keys in cleartext to an exposed UART console on production hardware.
ghsa_unreviewed·2026-06-12
CVE-2026-50099 [MEDIUM] CWE-538 During WiFi association, Naxclow device firmware prints the host network’s SSID, PSK, and negotiated WPA keys in cleartext to an exposed UART console on production hardware.
During WiFi association, Naxclow device firmware prints the host network’s SSID, PSK, and negotiated WPA keys in cleartext to an exposed UART console on production hardware. The UART pads are labeled, run with default serial settings, and drop to an interactive RT-Thread shell that permits arbitrary memory reads, enabling full firmware extraction. An attacker with brief physical access, common for outdoor-mounted devices, can therefore recover WiFi credentials and bootstrap firmware-side attacks.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-06-12
Published