cnvd - cnvd-2025-16641

CNVD-2025-16641

Vulnerability from cnvd - Published: 2025-07-21

Title

NETGEAR WNR614身份验证不当漏洞

Description

NETGEAR WNR614是一款面向家庭及小型办公环境的无线路由器，具备基础网络管理功能与150Mbps无线传输性能。 NETGEAR WNR614存在身份验证不当漏洞，该漏洞源于currentsetting.htm的输入，攻击者可利用该漏洞导致机密性、完整性和可用性受影响。

Severity

高

Patch Name

NETGEAR WNR614身份验证不当漏洞的补丁

Patch Description

NETGEAR WNR614是一款面向家庭及小型办公环境的无线路由器，具备基础网络管理功能与150Mbps无线传输性能。 NETGEAR WNR614存在身份验证不当漏洞，该漏洞源于currentsetting.htm的输入，攻击者可利用该漏洞导致机密性、完整性和可用性受影响。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级程序修复该安全问题，详情见厂商官网： https://www.netgear.com/support/product/wnr614/#download

Reference

https://github.com/Shuanunio/CVE_Requests/blob/main/Netgear/WNR614/ACL%20bypass%20Vulnerability%20in%20Netgear%20WNR614.md

Impacted products

Name
NETGEAR WNR614 1.1.0.28_1.0.1WW

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2025-5495",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2025-5495"
    }
  },
  "description": "NETGEAR WNR614\u662f\u4e00\u6b3e\u9762\u5411\u5bb6\u5ead\u53ca\u5c0f\u578b\u529e\u516c\u73af\u5883\u7684\u65e0\u7ebf\u8def\u7531\u5668\uff0c\u5177\u5907\u57fa\u7840\u7f51\u7edc\u7ba1\u7406\u529f\u80fd\u4e0e150Mbps\u65e0\u7ebf\u4f20\u8f93\u6027\u80fd\u3002\n\nNETGEAR WNR614\u5b58\u5728\u8eab\u4efd\u9a8c\u8bc1\u4e0d\u5f53\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8ecurrentsetting.htm\u7684\u8f93\u5165\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u673a\u5bc6\u6027\u3001\u5b8c\u6574\u6027\u548c\u53ef\u7528\u6027\u53d7\u5f71\u54cd\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u7a0b\u5e8f\u4fee\u590d\u8be5\u5b89\u5168\u95ee\u9898\uff0c\u8be6\u60c5\u89c1\u5382\u5546\u5b98\u7f51\uff1a\r\nhttps://www.netgear.com/support/product/wnr614/#download",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2025-16641",
  "openTime": "2025-07-21",
  "patchDescription": "NETGEAR WNR614\u662f\u4e00\u6b3e\u9762\u5411\u5bb6\u5ead\u53ca\u5c0f\u578b\u529e\u516c\u73af\u5883\u7684\u65e0\u7ebf\u8def\u7531\u5668\uff0c\u5177\u5907\u57fa\u7840\u7f51\u7edc\u7ba1\u7406\u529f\u80fd\u4e0e150Mbps\u65e0\u7ebf\u4f20\u8f93\u6027\u80fd\u3002\r\n\r\nNETGEAR WNR614\u5b58\u5728\u8eab\u4efd\u9a8c\u8bc1\u4e0d\u5f53\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8ecurrentsetting.htm\u7684\u8f93\u5165\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u673a\u5bc6\u6027\u3001\u5b8c\u6574\u6027\u548c\u53ef\u7528\u6027\u53d7\u5f71\u54cd\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "NETGEAR WNR614\u8eab\u4efd\u9a8c\u8bc1\u4e0d\u5f53\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "NETGEAR WNR614 1.1.0.28_1.0.1WW"
  },
  "referenceLink": "https://github.com/Shuanunio/CVE_Requests/blob/main/Netgear/WNR614/ACL%20bypass%20Vulnerability%20in%20Netgear%20WNR614.md",
  "serverity": "\u9ad8",
  "submitTime": "2025-06-11",
  "title": "NETGEAR WNR614\u8eab\u4efd\u9a8c\u8bc1\u4e0d\u5f53\u6f0f\u6d1e"
}

CVE-2025-5495 (GCVE-0-2025-5495)

Vulnerability from cvelistv5 – Published: 2025-06-03 12:31 – Updated: 2025-06-03 13:05

Summary

A vulnerability was found in Netgear WNR614 1.1.0.28_1.0.1WW. It has been classified as critical. This affects an unknown part of the component URL Handler. The manipulation with the input %00currentsetting.htm leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This issue appears to have been circulating as an 0day since 2024.

Severity ?

6.9 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

7.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

7.3 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE

CWE-287 - Improper Authentication

Assigner

VulDB

References

URL

Tags

	https://vuldb.com/?id.310911	vdb-entrytechnical-description
	https://vuldb.com/?ctiid.310911	signaturepermissions-required
	https://vuldb.com/?submit.584939	third-party-advisory
	https://github.com/Shuanunio/CVE_Requests/blob/ma…	exploit
	https://www.netgear.com/	product

Impacted products

	Vendor	Product	Version
	Netgear	WNR614	Affected: 1.1.0.28_1.0.1WW

Credits

shuanunio (VulDB User)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-5495",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-03T13:04:49.176369Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-03T13:05:08.689Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/Shuanunio/CVE_Requests/blob/main/Netgear/WNR614/ACL%20bypass%20Vulnerability%20in%20Netgear%20WNR614.md"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "URL Handler"
          ],
          "product": "WNR614",
          "vendor": "Netgear",
          "versions": [
            {
              "status": "affected",
              "version": "1.1.0.28_1.0.1WW"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "shuanunio (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in Netgear WNR614 1.1.0.28_1.0.1WW. It has been classified as critical. This affects an unknown part of the component URL Handler. The manipulation with the input %00currentsetting.htm leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This issue appears to have been circulating as an 0day since 2024."
        },
        {
          "lang": "de",
          "value": "Es wurde eine Schwachstelle in Netgear WNR614 1.1.0.28_1.0.1WW ausgemacht. Sie wurde als kritisch eingestuft. Hiervon betroffen ist ein unbekannter Codeblock der Komponente URL Handler. Durch das Manipulieren mit der Eingabe %00currentsetting.htm mit unbekannten Daten kann eine improper authentication-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 7.5,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-287",
              "description": "Improper Authentication",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-03T12:31:04.672Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-310911 | Netgear WNR614 URL improper authentication",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.310911"
        },
        {
          "name": "VDB-310911 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.310911"
        },
        {
          "name": "Submit #584939 | Netgear WNR614 V1.1.0.28_1.0.1WW Authorization Bypass",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.584939"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://github.com/Shuanunio/CVE_Requests/blob/main/Netgear/WNR614/ACL%20bypass%20Vulnerability%20in%20Netgear%20WNR614.md"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://www.netgear.com/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-03T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-06-03T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-06-03T07:05:46.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "Netgear WNR614 URL improper authentication"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-5495",
    "datePublished": "2025-06-03T12:31:04.672Z",
    "dateReserved": "2025-06-03T05:00:33.181Z",
    "dateUpdated": "2025-06-03T13:05:08.689Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2025-16641

CVE-2025-5495 (GCVE-0-2025-5495)

Tags

Sightings

Nomenclature