CVE-2026-49197
Analyzed Analyzed - Analysis Complete

Authorization Header Validation Bypass in Acer Connect App

Vulnerability report for CVE-2026-49197, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-05-29

Last updated on: 2026-06-08

Assigner: 8fc372e3-d9c5-46e4-9410-38469745c639

Description

Web endpoints intended for the Acer Connect app improperly validate the HTTP Authorization header, failing to block requests when Base64 decoding fails.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-05-29
Last Modified
2026-06-08
Generated
2026-07-09
AI Q&A
2026-05-29
EPSS Evaluated
2026-07-08
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
acer predator_connect_w6x_firmware to w6x_gbl_2.00.000005 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-287 When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in the web endpoints designed for the Acer Connect app. These endpoints improperly validate the HTTP Authorization header by failing to block requests when the Base64 decoding of the header fails.

Impact Analysis

Because the web endpoints do not properly validate the Authorization header, attackers may be able to bypass authentication mechanisms. This can lead to unauthorized access to the application or its data, potentially resulting in severe security breaches.

Compliance Impact

The vulnerability in the Acer Connect W6x router allows authentication bypass due to improper validation of HTTP Authorization headers. This could lead to unauthorized access to the device and potentially sensitive data.

Such unauthorized access risks violating common standards and regulations like GDPR and HIPAA, which require strict controls to protect personal and sensitive information from unauthorized access.

Therefore, if exploited, this vulnerability could compromise compliance with these regulations by exposing protected data or allowing unauthorized control over network devices.

Detection Guidance

The vulnerability involves improper validation of the HTTP Authorization header on web endpoints of the Acer Connect W6x router, allowing authentication bypass when Base64 decoding fails.

To detect this vulnerability on your network or system, you can monitor HTTP requests to the router's web interface and specifically check for malformed or invalid Authorization headers that are accepted instead of rejected.

While no specific commands are provided in the resources, a general approach would be to use network traffic analysis tools such as tcpdump or Wireshark to capture HTTP traffic to the router and inspect Authorization headers for malformed Base64 strings.

  • Use tcpdump to capture HTTP traffic on the router's IP and port 80 or 443: tcpdump -i <interface> host <router_ip> and port 80
  • Use curl or similar tools to send HTTP requests with malformed Authorization headers and observe if access is improperly granted.
Mitigation Strategies

The immediate and recommended step to mitigate this vulnerability is to update the Acer Connect W6x router firmware to version W6x_GBL_2.00.000008 or later.

This firmware update addresses the authentication protocol verification issue by properly rejecting malformed HTTP Authorization headers and preventing authentication bypass.

Users should perform the update via the router admin console and avoid restarting or unplugging the router during the update process to ensure a successful upgrade.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-49197. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart