CVE-2026-36174
MediumCVSS 4.6Exploitation Probability (EPSS)
Low risk4th percentile - higher than 4% of all known CVEs
Summary
GNCC GP5 v7.1.76 was found to store sensitive wireless network information in plaintext during routine operations to the serial console. This allows physically proximate attackers to obtain network credentials by monitoring the UART interface.
Risk Assessment
The organization risks exposure of Wi-Fi credentials, potentially leading to unauthorized network access and subsequent attacks.
Recommendation
Immediately update GNCC GP5 to the latest version and restrict physical access to devices with UART interfaces.
Original NVD description (English source)
GNCC GP5 v7.1.76 was discovered to store sensitive wireless network information in plaintext during routine operations to the serial console. This issue allows physically-proximate attackers to obtain sensitive information, including network credentials, via monitoring the serial UART interface.

