漏洞标题
NETGEAR Orbi 760 SOAP API 身份验证绕过漏洞
漏洞描述信息
NETGEAR Orbi 760 SOAP API身份验证绕过漏洞。此漏洞允许网络邻近攻击者在受影响的NETGEAR Orbi 760路由器安装上绕过身份验证。利用此漏洞不需要身份验证。
具体漏洞存在于SOAP API的实现中。问题在于在允许访问功能之前缺少身份验证。攻击者可以利用此漏洞绕过系统上的身份验证。该漏洞被标记为ZDI-CAN-20524。
CVSS信息
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
关键功能的认证机制缺失
漏洞标题
NETGEAR Orbi 760 SOAP API Authentication Bypass Vulnerability
漏洞描述信息
NETGEAR Orbi 760 SOAP API Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR Orbi 760 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the implementation of the SOAP API. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-20524.
CVSS信息
N/A
漏洞类别
关键功能的认证机制缺失
漏洞标题
NETGEAR Orbi RBS760 安全漏洞
漏洞描述信息
NETGEAR Orbi RBS760是美国网件(NETGEAR)公司的一款无线接入点。 NETGEAR Orbi RBS760 存在安全漏洞,该漏洞源于SOAP API存在身份验证绕过漏洞。
CVSS信息
N/A
漏洞类别
其他