CVE-2026-36609
Received - Intake
Static Authentication Nonce and XOR Password Encoding in Mercusys AC12G (EU) V1 Router

Publication date: 2026-06-03

Last updated on: 2026-06-03

Assigner: MITRE

Description
Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 uses a static authentication nonce that does not change between requests from the same source IP. Combined with the predictable XOR-based password encoding (securityEncode function), this allows an attacker to reverse captured authentication tokens to recover the plaintext password.
Meta Information
Published: 2026-06-03
Last Modified: 2026-06-03
Generated: 2026-06-04
AI Q&A: 2026-06-03
EPSS Evaluated: N/A
Affected Vendors & Products
Showing 2 associated CPEs

| Vendor | Product | Version / Range |
|---|---|---|
| mercusys | ac12g | ac12g(eu)_v1_200909 |
| mercusys | ac12g | ac12g(eu)_v1_210128 |
| CWE ID | Description |
|---|---|
| CWE-327 | The product uses a broken or risky cryptographic algorithm or protocol. |
| CWE-341 | A number or object is predictable based on observations that the attacker can make about the state of the system or network, such as time, process ID, etc. |
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-36609 affects the Mercusys AC12G (EU) V1 router with firmware versions AC12G(EU)_V1_200909 and AC12G(EU)_V1_210128. The vulnerability arises because the router uses a static authentication nonce that does not change between requests from the same source IP.

This static nonce, combined with a predictable XOR-based password encoding method, allows an attacker to reverse captured authentication tokens to recover the plaintext password.

The router's authentication protocol uses a fixed 32-character nonce generated once per boot per source IP, and the session token is computed using this static nonce and other static values, making it fully reversible.

Because the nonce and other inputs are static, the same password always produces the same session token, which never expires or rotates during a boot cycle.


How can this vulnerability impact me?

This vulnerability can have several serious impacts:

  • Attackers can recover the plaintext password from a single captured authentication exchange.
  • Captured session tokens can be replayed indefinitely, allowing unauthorized access without needing to know the password again.
  • Attackers can precompute session tokens offline using a password dictionary, facilitating faster attacks.
  • Devices with the same password produce identical session tokens, increasing the risk of compromise across multiple devices.

Additionally, the device is end-of-life with no planned fixes, meaning these risks remain unmitigated.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by capturing and analyzing authentication tokens exchanged between clients and the Mercusys AC12G (EU) V1 router. Since the authentication nonce is static per source IP and the session token is predictable and reversible, you can observe repeated identical session tokens from the same source IP during authentication attempts.

To detect this on your network, you can use packet capture tools such as tcpdump or Wireshark to monitor HTTP authentication traffic to the router and check for static or repeated nonce values and identical session tokens.

  • Use tcpdump to capture traffic on the router's IP and port (usually port 80 or 443): tcpdump -i <interface> host <router_ip> and port 80 -w capture.pcap
  • Open the capture in Wireshark and filter HTTP authentication requests to inspect nonce values and session tokens for repetition or predictability.
  • Look for identical 32-character nonce values and repeated session tokens from the same source IP across multiple authentication attempts.
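
The repetition check in the last step can be automated once login attempts have been exported from the capture. The following is an added example, not code from the advisory or the vendor; the CSV column names and every sample value are assumptions constructed for illustration, since the advisory does not document the request fields. A value that is reissued unchanged to the same source across separate attempts is the indicator, and counting per value rather than per source keeps the check valid when a reboot has changed the nonce in the middle of a capture.

```python
import csv
from collections import Counter, defaultdict

# Constructed sample: one row per login attempt, as exported from a capture.
# Column names and all values are assumptions made for this example.
SAMPLE = """\
time,src_ip,nonce,token
2026-06-03T10:00:01,192.0.2.10,aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa,tok-A
2026-06-03T10:05:17,192.0.2.10,aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa,tok-A
2026-06-03T11:30:42,192.0.2.10,aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa,tok-B
2026-06-03T10:02:09,192.0.2.20,bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb,tok-C
2026-06-03T12:00:00,192.0.2.30,short,tok-D
"""

NONCE_LEN = 32  # the advisory describes a fixed 32-character nonce


def find_reuse(text, min_repeats=2):
    """Return ({src_ip: {"nonces": {...}, "tokens": {...}}}, skipped_rows)."""
    nonces = defaultdict(Counter)
    tokens = defaultdict(Counter)
    skipped = 0
    for row in csv.DictReader(text.splitlines()):
        nonce = (row.get("nonce") or "").strip()
        if len(nonce) != NONCE_LEN:
            skipped += 1  # not the nonce format described; ignore the row
            continue
        src = row["src_ip"].strip()
        nonces[src][nonce] += 1
        tokens[src][(row.get("token") or "").strip()] += 1

    findings = {}
    for src in nonces:
        # Count per value so a nonce that changed after a reboot is still caught.
        reused_n = {n: c for n, c in nonces[src].items() if c >= min_repeats}
        reused_t = {t: c for t, c in tokens[src].items() if t and c >= min_repeats}
        if reused_n or reused_t:
            findings[src] = {"nonces": reused_n, "tokens": reused_t}
    return findings, skipped


if __name__ == "__main__":
    findings, skipped = find_reuse(SAMPLE)
    for src, hit in sorted(findings.items()):
        print(f"{src}: nonce reuse={hit['nonces']} token reuse={hit['tokens']}")
    print(f"rows skipped (nonce not {NONCE_LEN} chars): {skipped}")
```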

What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include limiting exposure of the vulnerable router by restricting access to its management interface to trusted networks or IP addresses.

Since the device is end-of-life with no planned fixes, consider replacing the Mercusys AC12G (EU) V1 router with a more secure device that uses proper nonce generation and session token management.

If replacement is not immediately possible, monitor authentication traffic for suspicious repeated tokens and consider changing passwords frequently to reduce the risk of password recovery.

Network segmentation and firewall rules can help reduce the attack surface by limiting who can reach the router's authentication interface.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The vulnerability allows attackers to recover plaintext passwords and replay authentication tokens indefinitely due to static nonces and predictable encoding. This compromises the confidentiality and integrity of authentication credentials.

Such a security weakness can lead to unauthorized access to network devices and potentially sensitive data, which may violate common standards and regulations like GDPR and HIPAA that require protection of personal and sensitive information.

Because the device is end-of-life with no planned fixes, organizations using this router may face challenges in maintaining compliance with these regulations, as they must ensure adequate security controls to protect data and authentication mechanisms.

