CVE-2026-6274

Received
Published: 05 Jun 2026, 09:01
Last modified:05 Jun 2026, 09:01

Vulnerability Summary

Overall Risk (default)
high
70/100
CVSS Score
9.8 CRITICAL
v3.1 (cve.org)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

05 Jun 2026, 09:01
Published
Vulnerability first disclosed

Description

Improper Authentication, Missing authentication for critical function, Weak Authentication vulnerability in DTS Electronics Industry and Trade Ltd. Co. Redline WR3200 allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Redline WR3200: from 7.1.3 before 7.1.8.

CVSS Metrics

  • v3.1CRITICALScore: 9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Techniques & Countermeasures

  • CWE-287Improper Authentication

    When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

  • CWE-306Missing Authentication for Critical Function

    The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

  • CWE-1390Weak Authentication

    The product uses an authentication mechanism to restrict access to specific users or identities, but the mechanism does not sufficiently prove that the claimed identity is correct.

Affected Systems

  • dts electronics industry and trade ltd. co.redline wr3200

    ≥ 7.1.3, < 7.1.8

References (1)