| Summary | Mercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909 returns 128 bytes of uninitialized internal buffer contents when receiving HTTP POST requests to undefined paths, exposing server state to unauthenticated adjacent network attackers. |
|---|---|
| Publication Date | June 4, 2026, 3:16 a.m. |
| Registration Date | June 4, 2026, 4:16 a.m. |
| Last Update | June 4, 2026, 3:16 a.m. |