Description
Unauthenticated Debug Service. The /sbin/mtk_dut binary is exposed on TCP port 9000 without authentication, allowing any LAN-based attacker to execute arbitrary UCC commands.
Published: 2026-05-29
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability resides in the /sbin/mtk_dut binary, which is exposed on TCP port 9000 without any authentication checks. An attacker on the local network can connect to this port and send arbitrary UCC commands, effectively giving them the ability to execute arbitrary code on the device. This is a classic missing-authentication flaw (CWE-306) that permits remote code execution without any user credentials.

Affected Systems

Affected units are Acer Predator Connect W6x models running firmware versions prior to W6x_GBL_2.00.000008. The official fix is provided by the vendor as firmware update W6x_GBL_2.00.000008.

Risk and Exploitability

The CVSS score of 8.7 indicates high severity. The EPSS is not available, so there is no data on the likelihood of exploitation, but the risk remains high. Because the service is reachable over the LAN without authentication, an attacker can launch the exploit directly from within the internal network, making this a serious threat even for devices that are not publicly exposed. The vulnerability is not listed in the CISA KEV catalog.

Generated by OpenCVE AI on May 29, 2026 at 10:23 UTC.

Remediation

Vendor Solution

Fixed on firmware version: W6x_GBL_2.00.000008


OpenCVE Recommended Actions

  • Apply the fixed firmware update W6x_GBL_2.00.000008 promptly
  • Reboot the device after upgrading the firmware to ensure the new binaries are loaded
  • Block or restrict TCP port 9000 on the network firewall to prevent unauthenticated access before patching

Generated by OpenCVE AI on May 29, 2026 at 10:23 UTC.


Advisories

No advisories yet.

History

Fri, 29 May 2026 16:00:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared | | Acer; Acer predator Connect W6x |
| Vendors & Products | | Acer; Acer predator Connect W6x |

Fri, 29 May 2026 15:30:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'} |


Fri, 29 May 2026 09:00:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Description | | Unauthenticated Debug Service. The /sbin/mtk_dut binary is exposed on TCP port 9000 without authentication, allowing any LAN-based attacker to execute arbitrary UCC commands. |
| Title | | Predator Connect W6x: unauthenticated Debug Service |
| Weaknesses | | CWE-306 |
| References | | |
| Metrics | | cvssV4_0: {'score': 8.7, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L'} |


MITRE

Status: PUBLISHED

Assigner: Acer

Published:

Updated: 2026-05-29T15:00:39.857Z

Reserved: 2026-05-28T02:47:39.776Z

Link: CVE-2026-49195

Vulnrichment

Updated: 2026-05-29T15:00:36.327Z

NVD

Status: Awaiting Analysis

Published: 2026-05-29T09:16:17.610

Modified: 2026-05-29T14:46:09.837

Link: CVE-2026-49195

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-29T15:47:26Z

Weaknesses