What is GHSA-2cm6-668w-rvw2?

GHSA-2cm6-668w-rvw2 is a security advisory published by GitHub Security Advisories with Critical severity. Incorrect access control in the web management interface of T3 Technology CPE models T625Pro v1.0...

Which CVE IDs does GHSA-2cm6-668w-rvw2 cover?

GHSA-2cm6-668w-rvw2 covers the following CVE IDs: CVE-2026-35904. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-2cm6-668w-rvw2?

GHSA-2cm6-668w-rvw2 has a CVSS v3 base score of 9.8, published by GitHub Security Advisories.

GHSA-2cm6-668w-rvw2CriticalCVSS 9.8

Incorrect access control in the web management interface of T3 Technology CPE models T625Pro v1.0...

Vendor

GitHub Security Advisories

Published

June 4, 2026

Last Modified

June 8, 2026

🔗 CVE IDs covered (1)

CVE-2026-35904 →

📋 Description

Incorrect access control in the web management interface of T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03, and T7281 v1.0.03 allows unauthorized attackers to enable the Telnet service via sending a crafted request to a vulnerable CGI component.

🔗 References (6)

https://nvd.nist.gov/vuln/detail/CVE-2026-35904
https://github.com/PwnOnu/T3-Technology-CPE-Advisories/blob/main/CVE-2026-35904.md
https://t3techgroup.com
https://www.ncsa.or.th
https://www.true.th
https://github.com/advisories/GHSA-2cm6-668w-rvw2