The LevelOne WBR-6012 router with firmware R0.40e6 has an authentication bypass vulnerability in its web application due to reliance on client IP addresses for authentication. Attackers could spoof an IP address to gain unauthorized access without needing a session token.
Metrics
Affected Vendors & Products
References
History
Fri, 08 Nov 2024 18:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Level1
Level1 wbr-6012 Level1 wbr-6012 Firmware |
|
CPEs | cpe:2.3:h:level1:wbr-6012:-:*:*:*:*:*:*:* cpe:2.3:o:level1:wbr-6012_firmware:r0.40e6:*:*:*:*:*:*:* |
|
Vendors & Products |
Level1
Level1 wbr-6012 Level1 wbr-6012 Firmware |
Wed, 30 Oct 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Levelone
Levelone wbr-6012 |
|
CPEs | cpe:2.3:a:levelone:wbr-6012:*:*:*:*:*:*:*:* | |
Vendors & Products |
Levelone
Levelone wbr-6012 |
|
Metrics |
ssvc
|
Wed, 30 Oct 2024 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | The LevelOne WBR-6012 router with firmware R0.40e6 has an authentication bypass vulnerability in its web application due to reliance on client IP addresses for authentication. Attackers could spoof an IP address to gain unauthorized access without needing a session token. | |
Weaknesses | CWE-291 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: talos
Published: 2024-10-30T13:35:15.373Z
Updated: 2024-10-30T15:03:05.748Z
Reserved: 2024-05-06T19:45:48.535Z
Link: CVE-2024-23309
Vulnrichment
Updated: 2024-10-30T15:03:05.748Z
NVD
Status : Analyzed
Published: 2024-10-30T14:15:04.153
Modified: 2024-11-08T18:27:00.643
Link: CVE-2024-23309
Redhat
No data.