Tracked as CVE-2026-11405, the vulnerability allows unauthenticated attackers to access a device's web management interface.