Authentication Bypass Vulnerability in Netgear WNR1000v3 Router
CVE-2013-3316

9.8CRITICAL

Key Information:

Vendor
Netgear
Status
Wnr1000 Firmware
Vendor
CVE Published:
29 January 2020

Summary

The Netgear WNR1000v3 router is susceptible to an authentication bypass vulnerability due to improper validation of URLs that include a .jpg extension. This flaw allows attackers to bypass authentication mechanisms, potentially granting unauthorized access to sensitive functionalities of the router. Users are advised to upgrade their firmware to version 1.0.2.60 or later to mitigate this security risk. Additionally, securing the device with strong passwords and proper configurations is essential to prevent exploitation.

References

http://www.exploit-db.com/exploits/24916/
exploitx_refsource_EXPLOIT-DB

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.