CVE-2025-68717

Published: 08 Jan 2026
Source: nvd
CVSS3: 9.4
EPSS: Low

Description

KAYSUS KS-WR3600 routers with firmware 1.0.5.9.1 allow authentication bypass during session validation. If any user is logged in, endpoints such as /cgi-bin/system-tool accept unauthenticated requests with empty or invalid session values. This design flaw lets attackers piggyback on another user's active session to retrieve sensitive configuration data or execute privileged actions without authentication.

Vulnerable configurations

Configuration 1

All of the following together:

cpe:2.3:o:kaysus:ks-wr3600_firmware:1.0.5.9.1:*:*:*:*:*:*:*
cpe:2.3:h:kaysus:ks-wr3600:-:*:*:*:*:*:*:*

EPSS: 0.00268 (percentile: 50%, Low)

CVSS3: 9.4 Critical

Weaknesses: CWE-287

Related vulnerabilities

CVSS3: 9.4
Source: github
About 1 month ago
