CVE-2026-6274: Authentication Bypass in DTS Electronics' Redline WR3200
Improper Authentication, Missing authentication for critical function, Weak Authentication vulnerability in DTS Electronics Industry and Trade Ltd. Co. Redline WR3200 allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Redline WR3200: from 7.1.3 before 7.1.8.
Metrics
- CVSS v3.1
- 9.8
- Severity
- CRITICAL
- Fixed in
- 7.1.8
- Affected Products
- 1
HarborGuard Analysis
Synopsis
Authentication bypass in DTS Electronics' Redline WR3200 router firmware (versions 7.1.3 through before 7.1.8) allows a remote, unauthenticated attacker to reach protected functions that should be restricted by access controls. The vulnerability is reachable over the network with no credentials and no user interaction required. Successful exploitation gives the attacker full read, write, and availability control over the device. A patched-image rebuild at version 7.1.8 is available on HarborGuard for environments running an affected version.
HarborGuard Coverage
Detection of CVE-2026-6274 is available across every HarborGuard environment: the CVE is ingested from upstream feeds within minutes of publication and matched against all customer images in connected registries and CI/CD pipelines, including custom-built images derived from affected Redline WR3200 firmware bases.
AvailableHarborGuard is capable of scoring this CVE at its full CVSS v3.1 severity of 9.8 (CRITICAL) and weighting findings against each environment's compliance policy before routing alerts to the appropriate team inbox within each customer organization.
AvailableA patched-image rebuild at version 7.1.8 becomes available on HarborGuard the moment the upstream fix is confirmed against an affected image. For customers who opt into auto-remediation, HarborGuard can execute a rebuild, run a regression test suite, and open a PR against affected workloads automatically.
AvailableExploit Conditions
- Network reachabilityRequired
The attacker must be able to reach the device over the network; the vulnerable function is exposed via a network-accessible interface.
- AuthenticationNot required
No credentials of any kind are needed; the bypass allows direct access to protected functions without authentication.
- Victim interactionNot required
The attacker does not need any action from a user or administrator on the target device.
- Attack complexityDetail
Exploitation is reliable and condition-free; no race conditions, special memory layout, or environmental factors need to be satisfied.
Blast Radius
- A successful attacker reads any configuration data, credentials, or stored secrets on the device.
- The attacker can write arbitrary configuration changes, including modifying routing rules, DNS settings, or admin credentials.
- The attacker can render the device unavailable by crashing firmware processes or forcing a factory reset.
- Because the device is a network router, a compromised unit gives the attacker a pivot point into the network segment it serves.
How HarborGuard Handles This
Available on HarborGuard: detection for CVE-2026-6274 is active for any image derived from Redline WR3200 firmware in the 7.1.3-to-7.1.7 range, matched against customer registries and pipelines within minutes of CVE publication. For customers who opt into auto-remediation, HarborGuard can rebuild the image at the patched version 7.1.8, execute a regression run, and open a PR against affected workloads; for high and critical-severity issues, the median time from CVE publication to a merged patch PR is around 90 minutes in environments with auto-remediation enabled. Where compliance policy requires manual approval, HarborGuard surfaces the finding with full CVSS context and routes it to the configured team inbox so no additional triage steps are needed before a human makes the call.
Fix available
- DTS Electronics Industry and Trade Ltd. Co. / Redline WR3200< 7.1.8 (from 7.1.3)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H