CVE-2026-0647
Rockwell Automation FLEX I/O Dual-port EtherNet/IP Adapters – Multiple Vulnerabilities
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
An improper authentication security issue exists within the 1794-AENTR adapter's embedded web server. The vulnerability allows an unauthenticated attacker to change the device's web interface password by sending a crafted HTTP GET request to a specific endpoint, without any prior authentication being required. If exploited, this could lead to unauthorized access, account takeover, and loss of the device’s embedded web server’s availability.
| CWE | CWE-306 |
| Vendor | rockwell automation |
| Product | flex i/o ethernet/ip adapters |
| Published | Jun 16, 2026 |
| Last Updated | Jun 16, 2026 |
Stay Ahead of the Next One
Get instant alerts for rockwell automation flex i/o ethernet/ip adapters
Be the first to know when new unknown vulnerabilities affecting rockwell automation flex i/o ethernet/ip adapters are published — delivered to Slack, Telegram or Discord.
Get Free Alerts →
Free · No credit card · 60 sec setup
Affected Versions
Rockwell Automation / FLEX I/O EtherNet/IP Adapters
2.012