Back to overview

CVE-2026-13211

MEDIUM Exploitation: PoC
4.3
CVSS 3.1
Description
The genucenter web interface before version 8.0p11 unnecessarily exposes sensitive SNMP authentication and encryption keys in its HTTP responses to users with the “Service” or “Admin” role.

Metadata

CVE ID
CVE-2026-13211
State
PUBLISHED
Assigner
sba-research
Reserved
2026-06-24 15:07 UTC
Published
2026-07-01 15:46 UTC
Last updated
2026-07-01 17:47 UTC
Primary CWE
CWE-201
CWE-201 Insertion of sensitive information into sent data
Vendor / Product
genua / genucenter
Sources
cve.org  ·  NVD

Severity & Metrics

4.3 MEDIUM CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
SSVC — CISA Coordinator
Exploitation
PoC
Automatable
no
Tech. Impact
partial
Affected products (1)
VendorProductPlatformVersions
genua genucenter 8.0 ≤ 8.0p10, 8.0p11 < 8.1, 8.6
Weakness (CWE)
CWESourceDescription
CWE-201 cna CWE-201 Insertion of sensitive information into sent data
CVSS scores (1)
ScoreSeverityVersionSourceVector
4.3 MEDIUM 3.1 cna CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Back to overview