CVE-2026-8979

UNKNOWN 0.0

Authentication Bypass

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

The Mennekes Amtron series (firmware versions ≤ 5.22.3) is vulnerable to an authentication bypass. An unauthenticated remote attacker can change the password of the user account via a crafted POST request to the /operator/operator endpoint.

CWE	CWE-287
Vendor	mennekes
Product	amtron
Published	May 28, 2026
Last Updated	May 28, 2026

Stay Ahead of the Next One

Get instant alerts for mennekes amtron

Be the first to know when new unknown vulnerabilities affecting mennekes amtron are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Mennekes / Amtron

0 ≤ 5.22.3

References

NVD ↗ CVE.org ↗ EPSS Data ↗

cyberdanube.com: https://cyberdanube.com/security-research/multiple-vulnerabilities-in-mennekes-amtron-series/

Credits

S. Eisenreich-Dietz (CyberDanube)