Описание
An Authentication Bypass vulnerability exists in NETGEAR Centria WNDR4700 Firmware 1.0.0.34 in http://<router_ip>/apply.cgi?/hdd_usr_setup.htm that when visited by any user, authenticated or not, causes the router to no longer require a password to access the web administration portal.
Ссылки
- Vendor Advisory
- Third Party Advisory
- ExploitThird Party Advisory
- Third Party Advisory
- Vendor Advisory
- Third Party Advisory
- ExploitThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:netgear:wndr4700_firmware:1.0.0.34:*:*:*:*:*:*:*
cpe:2.3:h:netgear:wndr4700:-:*:*:*:*:*:*:*
EPSS
Процентиль: 81%
0.01584
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-287
Связанные уязвимости
CVSS3: 9.8
github
почти 4 года назад
An Authentication Bypass vulnerability exists in NETGEAR Centria WNDR4700 Firmware 1.0.0.34 in http://<router_ip>/apply.cgi?/hdd_usr_setup.htm that when visited by any user, authenticated or not, causes the router to no longer require a password to access the web administration portal.
EPSS
Процентиль: 81%
0.01584
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-287