Authentication flaw

2023-03-2919:15:00

PRIOn knowledge base

www.prio-n.com

netgear r6700v3

authentication bypass

readycloud_control.cgi

unauthenticated attackers

code execution

root access

zdi-can-15762

0.003 Low

EPSS

Percentile

71.1%

JSON

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within readycloud_control.cgi. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15762.

CPENameOperatorVersion
lax20_firmwarelt1.1.6.34
r6400_firmwarelt1.0.4.126
r6700_firmwarelt1.0.4.126
r7000_firmwarelt1.0.11.134
r7850_firmwarelt1.0.5.84
r7900p_firmwarelt1.4.3.88
r7960p_firmwarelt1.4.3.88
r8000_firmwarelt1.0.4.84
r8000p_firmwarelt1.4.3.88
r8500_firmwarelt1.0.2.158

Name	Operator	Version
lax20_firmware	lt	1.1.6.34
r6400_firmware	lt	1.0.4.126
r6700_firmware	lt	1.0.4.126
r7000_firmware	lt	1.0.11.134
r7850_firmware	lt	1.0.5.84
r7900p_firmware	lt	1.4.3.88
r7960p_firmware	lt	1.4.3.88
r8000_firmware	lt	1.0.4.84
r8000p_firmware	lt	1.4.3.88
r8500_firmware	lt	1.0.2.158