CVE-2026-36603 | Mercusys AC12G Admin Interface AddPortMapping/GetExternalIPAddress Remote Code Execution

A vulnerability was found in Mercusys AC12G. It has been classified as very critical. Affected is the function AddPortMapping/GetExternalIPAddress of the component Admin Interface. This manipulation causes Remote Code Execution.

This vulnerability is handled as CVE-2026-36603. The attack can only be done within the local network. There is not any exploit available.VulDB Recent EntriesRead More