Netgear RAX30 (AX2400), prior to version 1.0.6.74, was affected by an authentication bypass vulnerability, allowing an unauthenticated attacker to gain administrative access to the device's web management interface by resetting the admin password.
References
Link | Resource |
---|---|
https://drupal9.tenable.com/security/research/tra-2023-10 | Permissions Required |
https://github.com/advisories/GHSA-pvxx-rv48-qw5m | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Mar 2023, 17:59
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-287 | |
First Time |
Netgear
Netgear rax30 Firmware Netgear rax30 |
|
CPE | cpe:2.3:h:netgear:rax30:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:rax30_firmware:*:*:*:*:*:*:*:* |
|
References |
|
|
References | (MISC) https://drupal9.tenable.com/security/research/tra-2023-10 - Permissions Required | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
14 Mar 2023, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-03-14 22:15
Updated : 2023-12-10 14:48
NVD link : CVE-2023-1327
Mitre link : CVE-2023-1327
CVE.ORG link : CVE-2023-1327
JSON object : View
Products Affected
netgear
- rax30_firmware
- rax30
CWE
CWE-287
Improper Authentication