CVE-2026-27850

{"id": "CVE-2026-27850", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2026-02-25T18:23:41.350", "references": [{"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2025-014.txt", "source": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "Due to an improperly configured firewall rule, the router will accept any connection on the WAN port with the source port 5222, exposing all services which are normally only accessible through the local network.\nThis issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200."}], "lastModified": "2026-02-27T14:06:59.787", "sourceIdentifier": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158"}