Dual CVSS 10.0 Bugs Fixed in Emergency Acer Router Patch

Acer has issued an urgent firmware update for Connect W6x routers to address multiple critical vulnerabilities — including an authentication bypass (CVE-2026-49197) and an MQTT command injection (CVE-2026-49199) — both rated CVSS 10.0, plus several other high-severity fixes; administrators are instructed to update to firmware W6x_GBL_2.00.000008 or later and follow the provided update steps to mitigate remote takeover and code execution risks.