CVE-2026-36604 | Mercusys AC12G HTTP Host Header cross-domain policy

A vulnerability, which was classified as problematic, was found in Mercusys AC12G. The impacted element is an unknown function of the component HTTP Host Header Handler. Executing a manipulation can lead to permissive cross-domain policy with untrusted domains.

This vulnerability appears as CVE-2026-36604. The attack may be performed from remote. There is no available exploit.VulDB Recent EntriesRead More