The LevelOne WBR-6012 router's web application has a vulnerability in its firmware version R0.40e6, allowing attackers to change the administrator password and gain higher privileges without the current password.
The vulnerability results from the lack of proper user identity verification during the administrator password change process in the router's web application. An attacker with only network access to the management interface can send a specially crafted password change request, bypassing current password verification (CWE-620 — Unverified Password Change). After a successful attack, the attacker obtains full administrative privileges to the device.
An attacker can gain full administrative control over the router, enabling modification of network configuration, interception of network traffic, disabling security features (firewall), or using the device as a launching point for further attacks (lateral movement) on the local network.
Patches available from the manufacturer should be applied in accordance with the references. Until updates are applied, it is recommended to restrict access to the router's management interface only to trusted hosts and isolate the device from the public internet.
LevelOne WBR-6012 with firmware version R0.40e6
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HLevel1 Wbr 6012
HWLevel1wszystkie wersjeLevel1 Wbr 6012 Firmware
OSLevel1r0.40e6
Related vulnerabilities
Pominięcie uwierzytelnienia w routerze LevelOne WBR-6012 przez spoofing IP
A cross-site request forgery (CSRF) vulnerability exists in the Web Application functionality of the LevelOne ...
A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain ...
A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain ...
The LevelOne WBR-6012 router firmware R0.40e6 suffers from an input validation vulnerability within its FTP fu...