N/A

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within readycloud_control.cgi. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15762.

N/A

关键功能的认证机制缺失

NETGEAR R6700v3 访问控制错误漏洞

NETGEAR R6700v3是美国网件（NETGEAR）公司的一款路由器。连接两个或多个网络的硬件设备，在网络间起网关的作用。 NETGEAR R6700v3 1.0.4.120_10.0.91版本存在访问控制错误漏洞，该漏洞源于字符串匹配逻辑不正确。攻击者利用该漏洞在root环境中执行任意代码。

N/A

N/A