CVE-2026-5601
Received Received - Intake
Information Disclosure in Acrel Prepaid Cloud Backup File Handler

Publication date: 2026-04-05

Last updated on: 2026-04-05

Assigner: VulDB

Description
A vulnerability was found in Acrel Electrical Prepaid Cloud Platform 1.0. This issue affects some unknown processing of the file /bin.rar of the component Backup File Handler. The manipulation results in information disclosure. The attack can be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-05
Last Modified
2026-04-05
Generated
2026-06-16
AI Q&A
2026-04-06
EPSS Evaluated
2026-06-15
NVD
CVE-2026-5601
EUVD
EUVD-2026-19132
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
acrel electrical_prepaid_cloud_platform 1.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-200 The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CWE-284 The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The vulnerability results in information disclosure through manipulation of the Backup File Handler component in Acrel Electrical Prepaid Cloud Platform 1.0. Such unauthorized information disclosure could potentially impact compliance with data protection regulations like GDPR and HIPAA, which require safeguarding sensitive data against unauthorized access.

However, the provided information does not specify the nature or sensitivity of the disclosed information, nor does it detail the exact compliance implications or affected data categories.

Executive Summary

This vulnerability exists in the Acrel Electrical Prepaid Cloud Platform 1.0, specifically in the Backup File Handler component when processing the file /bin.rar. The issue allows an attacker to remotely manipulate this file processing, which leads to information disclosure.

Impact Analysis

The vulnerability can lead to unauthorized disclosure of sensitive information because an attacker can remotely exploit the flaw in the Backup File Handler. This could compromise confidentiality without affecting integrity or availability.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-5601. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart