Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.0
EFM-Networks IpTIME Devices Leak Sensitive Data to Unauthorized Users
CVE-2026-24498
Summary
Certain EFM-Networks IpTIME devices can expose sensitive information to people who shouldn't have access to it. This means that unauthorized users could potentially see confidential data, which could be a security risk. To protect your data, consider updating your devices to the latest version of firmware (version 15.26.9 or later).
Original title
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in EFM-Networks, Inc. IpTIME T5008, EFM-Networks, Inc. IpTIME AX2004M, EFM-Networks, Inc. IpTIME AX3000Q, EFM-Networks, Inc....
Original description
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in EFM-Networks, Inc. IpTIME T5008, EFM-Networks, Inc. IpTIME AX2004M, EFM-Networks, Inc. IpTIME AX3000Q, EFM-Networks, Inc. IpTIME AX6000M allows Authentication Bypass.This issue affects ipTIME T5008: through 15.26.8; ipTIME AX2004M: through 15.26.8; ipTIME AX3000Q: through 15.26.8; ipTIME AX6000M: through 15.26.8.
nvd CVSS4.0
6.0
Vulnerability type
CWE-200
Information Exposure
Published: 27 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026