CNNVD-202601-4139 Information

CNNVD ID

CNNVD-202601-4139

Related CVE

CVE-2026-1364

• CNNVD Published: 2026-01-23

Description (Chinese)

JNC IAQS和JNC I6都是中国台湾铭祥（JNC）公司的产品。JNC IAQS是一款智能室内空气质量监测与管理系统。JNC I6是一款物联网网关记录器。 JNC IAQS和JNC I6存在访问控制错误漏洞，该漏洞源于缺少身份验证，可能导致未经身份验证的远程攻击者直接操作系统管理功能。

Description (English)

Both JNC IAQS and JNC I6 are products of Taiwan Taiwan (JNC). JNC IAQS is a smart indoor air quality monitoring and management system. JNC I6 is a web-connected gateway recorder. JNC IAQS and JNC I6 have access control errors, which stem from a lack of identification, which may lead to the direct operating system management function of unidentified remote assailants.

Hazard Level

Low

Vulnerability Type

访问控制错误

Affected Vendor

铭祥

Published

2026-01-23

Last Modified

2026-02-24

References

https://www.twcert.org.tw/en/cp-139-10653-117a1-2.html https://www.twcert.org.tw/tw/cp-132-10652-4cdca-1.html

Patch

https://www.jnc-tec.com.tw/zh-TW/product-IAQS