CVE-2026-11849— IEI Integration Corp|iRM-IEI Remote Management - Hard-coded Credentials
Affected Version Matrix 1
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IEI Integration Corp | iRM-TSi410X | < 1.4.19 | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-11849
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
IEI Integration Corp|iRM-IEI Remote Management - Hard-coded Credentials
Source: NVD (National Vulnerability Database)
Vulnerability Description
The iRM-IEI Remote Management developed by IEI Integration Corp has a Hardcoded Credentials vulnerability, allowing unauthenticated remote attackers to exploit hard-coded credentials to gain administrative privileges on the database.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用硬编码的凭证
Source: NVD (National Vulnerability Database)
Vulnerability Title
IEI Integration Corp iRM-TSi410X 信任管理问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
IEI Integration Corp iRM-TSi410X是中国IEI Integration Corp公司的一款专为工业计算环境设计的无风扇远程管理边缘迷你服务器。 IEI Integration Corp iRM-TSi410X 1.4.19之前版本存在信任管理问题漏洞,该漏洞源于硬编码凭据问题,可能导致未经身份验证的远程攻击者利用硬编码凭据获取数据库管理权限。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| IEI Integration Corp | iRM-TSi410X | 0 ~ 1.4.19 | - |
II. Public POCs for CVE-2026-11849
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-11849
请登录查看更多情报信息。
Vendor Advisories for CVE-2026-11849 (2)
Same Patch Batch · IEI Integration Corp · 2026-06-12 · 6 CVEs total
| CVE-2026-11846 | 8.1 HIGH | IEI Integration Corp|iVEC-IEI Virtualization Edge Computer - Arbitrary File Deletion |
| CVE-2026-11845 | 7.2 HIGH | IEI Integration Corp|iVEC-IEI Virtualization Edge Computer - OS Command Injection |
| CVE-2026-11848 | 5.3 MEDIUM | IEI Integration Corp| iRM-IEI Remote Management - Missing Authentication |
| CVE-2026-11844 | 4.9 MEDIUM | IEI Integration Corp|iVEC-IEI Virtualization Edge Computer - Arbitrary File Read |
| CVE-2026-11847 | 4.3 MEDIUM | Integration Corp|iVEC-IEI Virtualization Edge Computer - Arbitrary File Deletion |
IV. Related Vulnerabilities
Same vendor: IEI Integration Corp
- CVE-2026-11848
IEI Integration Corp| iRM-IEI Remote Management - Missing Au - CVE-2026-11847
Integration Corp|iVEC-IEI Virtualization Edge Computer - Arb - CVE-2026-11846
IEI Integration Corp|iVEC-IEI Virtualization Edge Computer - - CVE-2026-11845
IEI Integration Corp|iVEC-IEI Virtualization Edge Computer - - CVE-2026-11844
IEI Integration Corp|iVEC-IEI Virtualization Edge Computer -
Same weakness: CWE-798
- CVE-2026-47846
Bitnami Cassandra默认超级用户漏洞 - CVE-2026-47847
Bitnami MariaDB Galera 硬编码凭证漏洞 - CVE-2025-10560
Hardcoded cloud credentials in Worksnaps client application - CVE-2026-5667
Information Disclosure, Information Tampering, or Denial-of- - CVE-2026-22312
Use of Hard-coded Credentials Vulnerability in Radiflow iSAP
V. Comments for CVE-2026-11849
No comments yet