CVE-2026-36538

Published: Mag 27, 2026 Last Modified: Mag 27, 2026

ExploitDB:

Other exploit source:

Google Dorks:

Description

AI Translation Available

Netis AC1200 Router NC21 V4.0.1.4296 contains a hard-coded root credential stored in /etc/shadow.sample. The password for the root account is set to the trivially weak value root, allowing an attacker with access to the device to authenticate as root and gain full control of the underlying operating system.

http://netis-system.com

https://github.com/sir3ns/cve-disclosure/blob/main/CVE-2026…

https://github.com/sir3ns/cve-disclosure/blob/main/CVE-2026-36538/readme.md

CVE-2026-36538

Description

Iscriviti alla newsletter