N/A

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7000 1.0.11.116_10.2.100 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of SOAP requests. The issue results from the lack of proper authentication verification before performing a password reset. An attacker can leverage this vulnerability to reset the admin password. Was ZDI-CAN-13483.

N/A

使用候选路径或通道进行的认证绕过

NETGEAR R7000 授权问题漏洞

Netgear NETGEAR R7000是美国网件（Netgear）公司的一款无线路由器。 NETGEAR R7000 Router 中存在授权问题漏洞，该漏洞源于产品在处理soap请求重置密码时缺少有效的身份验证。攻击者可通过该漏洞重置密码。

N/A

N/A