CVE-2026-36178 | THREATINT

Description

The factory reset functionality in GNCC GP5 v7.1.76 fails to clear sensitive cryptographic material in the JFFS2 configuration partition, possibly allowing attackers to recover and obtain sensitive user data.

PUBLISHED Reserved 2026-04-06 | Published 2026-06-04 | Updated 2026-06-04 | Assigner mitre

References

github.com/...search-Public/blob/main/GNCC-GP5-T23/README.md exploit

gncc.com

gp5.com

github.com/...search-Public/blob/main/GNCC-GP5-T23/README.md

cve.org (CVE-2026-36178)

nvd.nist.gov (CVE-2026-36178)

Download JSON