CVE-2026-36612
MEDIUMDescription
Mercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909 enables WPS 2.0 by default with a weak lockout policy (60-second lockout after 10 attempts).
Is your site exposed to CVE-2026-36612?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
EPSS — Exploit Prediction
EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.
Weakness Type (CWE)
References
Frequently Asked Questions
What is CVE-2026-36612? +
How severe is CVE-2026-36612? +
How do I check if I'm vulnerable to CVE-2026-36612? +
Related Vulnerabilities
Unauthorised access to the call forwarding service system in MeetMe products in versions prior to 2024-09 allows an attacker to …
KTM System e-BOK does not implement any limit or timeout on consecutive login attempts, allowing an attacker to perform unlimited …
Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on (SSO) for applications via a web …
Lack of Rate Limiting in Sign-up workflow in Perforce Gliffy prior to version 4.14.0-7 on Gliffy online allows attacker to …
Lack of protection against brute force attacks in Valmet DNA visualization in DNA Operate. The possibility to make an arbitrary …
This vulnerability exists in Meon KYC solutions due to missing restrictions on the number of incorrect One-Time Password (OTP) attempts …