The Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 contains a critical authentication vulnerability. The router uses a static authentication nonce that remains unchanged between requests from the same source IP address. This flaw is compounded by a predictable XOR-based password encoding mechanism in the securityEncode function. An attacker can exploit these weaknesses to reverse-engineer captured authentication tokens and recover plaintext passwords. This vulnerability allows unauthorized access to router administration by bypassing the authentication mechanism through cryptographic analysis of captured network traffic.