CVE-2026-7786
published 2026-05-29CVE-2026-7786: Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter device firmware contains plaintext administrative credentials embedded…
PriorityP260critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.41%
33.2th percentile
Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter
device firmware contains plaintext administrative credentials embedded in the firmware image. These credentials can be extracted through firmware analysis and used to authenticate to device services.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jinan_usr_iot_technology_limited | usr-w610_rs232_485_to_wi-fi_ethernet_converter | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-79x3-xvpv-235q: Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter
device firmware contains plaintext administrative credentials e
ghsa_unreviewed·2026-05-29
CVE-2026-7786 [CRITICAL] CWE-798 GHSA-79x3-xvpv-235q: Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter
device firmware contains plaintext administrative credentials e
Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter
device firmware contains plaintext administrative credentials embedded in the firmware image. These credentials can be extracted through firmware analysis and used to authenticate to device services.
VulDB
Jinan USR IOT Technology Limited USR-W610 RS232 485 to Wi-Fi Ethernet Converter 7.03T.07 Firmware Image hard-coded credentials (icsa-26-148-02)
vuldb·2026-05-29·CVSS 9.8
CVE-2026-7786 [CRITICAL] Jinan USR IOT Technology Limited USR-W610 RS232 485 to Wi-Fi Ethernet Converter 7.03T.07 Firmware Image hard-coded credentials (icsa-26-148-02)
A vulnerability was found in Jinan USR IOT Technology Limited USR-W610 RS232 485 to Wi-Fi Ethernet Converter 7.03T.07. It has been classified as critical. Affected by this vulnerability is an unknown functionality of the component Firmware Image Handler. Performing a manipulation results in hard-coded credentials.
This vulnerability was named CVE-2026-7786. The attack may be initiated remotely. There is no available exploit.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-05-29
Published