CVE-2026-31928
Severity CVSS v4.0:
CRITICAL
Type:
CWE-798
Use of Hard-coded Credentials
Publication date:
26/06/2026
Last modified:
29/06/2026
Description
The DMP-5000 devices are shipped with a default administrative web account with weak authentication controls, which are not required to be changed during initial configuration or operation. Using these accounts provides full system access.
Impact
Base Score 4.0
9.30
Severity 4.0
CRITICAL
Base Score 3.x
8.10
Severity 3.x
HIGH



