Authentication Bypass Vulnerability in Taiko AG1000-01A SMS Alert Gateway
CVE-2026-9141

9.3CRITICAL

Key Information:

Vendor: Taiko Network Communications Pte Ltd.
Status: Ag1000-01a Sms Alert Gateway
Vendor: CVE Published:; 20 May 2026

🔔 Create Taiko Network Communications Pte Ltd. Vulnerability Alert

What is CVE-2026-9141?

The Taiko AG1000-01A SMS Alert Gateway, in versions 7.3 and 8, has a significant weakness within its embedded web configuration interface, allowing attackers to bypass authentication mechanisms. This vulnerability can be exploited by unauthenticated individuals who possess network access, enabling them to directly request critical internal resources such as index.zhtml, point.zhtml, and log.shtml. Exploiting this flaw provides unauthorized users with full administrative access to modify alarm routing, change device configurations, and potentially disrupt monitoring and control functions, highlighting a serious security risk that needs to be addressed.

Affected Version(s)

AG1000-01A SMS Alert Gateway Rev 7.3

AG1000-01A SMS Alert Gateway Rev 8

AG1000-01A SMS Alert Gateway UM-AG1000_R7.2

References

https://medium.com/@forgetmen0t/multiple-vulnerabilities-...

technical-description

https://www.vulncheck.com/advisories/taiko-ag1000-01a-rev...

third-party-advisory

CVSS V4

Score:

9.3

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 20, 2026
Vulnerability Reserved
May 20, 2026

Credit

Muhammad Imam Baguna

CVE-2026-9141 Data

JSON