CRITICAL🇵🇱 Wersja polska

CVE-2025-4978

CVSS 9.3v4.0pub. 2025-05-20upd. 2025-06-12

A vulnerability, which was classified as very critical, was found in Netgear DGND3700 1.1.00.15_1.00.15NA. This affects an unknown part of the file /BRS_top.html of the component Basic Authentication. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other products might be affected as well. The vendor was contacted early about this disclosure.

CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Netgear Dgnd3700

    HW
    Netgear
    v2
  • Netgear Dgnd3700 Firmware

    OS
    Netgear
    1.1.00.15_1.00.15na
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2019-17373CRITICAL9.8ten sam produkt

Certain NETGEAR devices allow unauthenticated access to critical .cgi and .htm pages via a substring ending wi...

CVE-2016-5649CRITICAL9.8ten sam produkt

A vulnerability is in the 'BSW_cxttongr.htm' page of the Netgear DGN2200, version DGN2200-V1.0.0.50_7.0.50, an...

CVE-2016-11059HIGH7.5ten sam produkt

Certain NETGEAR devices are affected by password exposure. This affects AC1450 before 2017-01-06, C6300 before...

CVE-2025-4977MEDIUM6.9ten sam produkt

A vulnerability, which was classified as problematic, has been found in Netgear DGND3700 1.1.00.15_1.00.15NA. ...

CVE-2025-4980MEDIUM6.9ten sam produkt

A vulnerability has been found in Netgear DGND3700 1.1.00.15_1.00.15NA and classified as problematic. This vul...