URL Handler Vulnerability in Netgear Router Affects Remote Authentication
CVE-2025-5495
Key Information:
Badges
What is CVE-2025-5495?
A critical vulnerability has been identified in the Netgear WNR614 router, specifically in the URL Handler component. This issue is triggered through manipulation of input parameters, allowing for improper authentication processes. The vulnerability exposes the device to remote attacks, potentially enabling unauthorized access to sensitive settings and controls. As details of the exploit have been made public, it has been categorized as an active threat since 2024, highlighting the need for immediate attention and remediation to protect user security.
Affected Version(s)
WNR614 1.1.0.28_1.0.1WW
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V4
Timeline
- 🟡
Public PoC available
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved