CVE-2026-31928
HighCVSS 8.1Exploitation Probability (EPSS)
Low risk36th percentile — higher than 36% of all known CVEs
Summary
DMP-5000 devices are shipped with a default administrative web account that has weak authentication controls and is not required to be changed during initial setup or operation. Using these accounts provides full system access.
Risk Assessment
The organization is at risk of unauthorized access to DMP-5000 devices, potentially leading to system compromise, data leakage, or network disruption.
Recommendation
Immediately change default administrative account passwords to strong, unique passwords and enforce a policy requiring regular password changes.
Original NVD description (English source)
The DMP-5000 devices are shipped with a default administrative web account with weak authentication controls, which are not required to be changed during initial configuration or operation. Using these accounts provides full system access.

