Description
Improper Authentication (Authentication Bypass) exists in Neterbit NW-431F Router 20241014-IR03 and before. The router uses a weak/predictable cookie value for authentication. By modifying the cookie value (e.g., setting it to "admin"), an attacker can bypass the authentication schema and gain unauthorized access to admin functionalities.
Published: 2026-06-04
Score: 9.8 Critical
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An improper authentication flaw in the Neterbit NW‑431F Router allows an attacker to bypass the authentication mechanism by supplying a predictable cookie value, such as "admin". With the altered cookie, the attacker gains full administrative access to the device, enabling configuration changes, network scanning, and potential takeover of the router's management functions. The weakness stems from a static, easily guessable session token, violating authentication best practices.

Affected Systems

Devices running firmware 20241014‑IR03 and earlier versions of the Neterbit NW‑431F Router contain the flaw and are therefore vulnerable. Upgrading beyond these releases mitigates the risk.

Risk and Exploitability

The flaw carries a CVSS score of 9.8, indicating critical severity. The EPSS score is not available, and the vulnerability is not listed in the CISA KEV catalog, yet its remote exploitation potential via the web interface remains high. An attacker can simply send a crafted HTTP request containing the predictable cookie to the router’s administration panel, bypassing authentication and assuming full control over the device.

Generated by OpenCVE AI on June 4, 2026 at 19:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the router firmware to a version that replaces the predictable cookie with a random, cryptographically secure authentication token. If an official update has not yet been released, contact Neterbit support for guidance on securing the device or for an interim fix.
  • Disable remote administrative access or restrict the router’s management interface to a trusted internal network or VPN, limiting exposure to external attackers.
  • Configure firewall or router policies to block HTTP requests that contain the default "admin" cookie value and enforce strict session validation based on secure, random tokens.
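As an added illustration of the last two recommendations (this is not code from OpenCVE or from the vendor), the following Python flags management-panel requests whose session cookie carries a predictable value, run over constructed log lines, and shows the server-side pattern that replaces such a cookie: random tokens that are valid only if the server itself issued them. The log format, the cookie name `session` and the denylist of default values are assumptions; the advisory names none of them.

```python
import re
import secrets
from http.cookies import SimpleCookie

# Constructed sample log lines (not from the advisory): client, request line
# and the raw Cookie header as a hypothetical router access log might record them.
SAMPLE_LOG = [
    '10.0.0.5 "GET /admin/status.html" cookie="session=admin"',
    '10.0.0.7 "GET /admin/wan.html" cookie="session=3f9c2b7a1e5d4c8b9a0f1e2d3c4b5a69"',
    '10.0.0.9 "POST /admin/reboot.cgi" cookie="session=1"',
    '10.0.0.11 "GET /index.html" cookie=""',
]

SESSION_COOKIE = "session"          # assumed cookie name; the advisory gives none
PREDICTABLE_VALUES = {"admin", "root", "user", "guest", "1", "true", "yes"}
MIN_TOKEN_LEN = 16                  # anything shorter is treated as guessable
LINE_RE = re.compile(r'^(\S+) "(\w+) (\S+)" cookie="([^"]*)"$')


def session_value(cookie_header):
    """Return the session cookie value from a raw Cookie header, or None."""
    jar = SimpleCookie()
    jar.load(cookie_header)
    morsel = jar.get(SESSION_COOKIE)
    return morsel.value if morsel else None


def is_predictable(token):
    """True for default-style or too-short values a client could simply choose."""
    return token.lower() in PREDICTABLE_VALUES or len(token) < MIN_TOKEN_LEN


def flag_requests(lines):
    """Return (client, path, value) for admin-panel requests with a weak cookie."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue                     # skip lines that do not fit the format
        client, _method, path, cookie_hdr = m.groups()
        value = session_value(cookie_hdr)
        if path.startswith("/admin/") and value is not None and is_predictable(value):
            hits.append((client, path, value))
    return hits


class SessionStore:
    """Hardened side: the cookie value grants nothing unless the server issued it."""
    def __init__(self):
        self._active = set()

    def issue(self):
        token = secrets.token_urlsafe(32)   # 256 bits from the OS CSPRNG
        self._active.add(token)
        return token

    def is_valid(self, token):
        return token in self._active        # "admin" is never in the store
```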

Generated by OpenCVE AI on June 4, 2026 at 19:24 UTC.

Advisories

No advisories yet.

History

Thu, 04 Jun 2026 19:45:00 +0000

Type     Values Removed   Values Added
Title                     Authentication Bypass via Predictable Cookie Value in Neterbit NW‑431F Router

Thu, 04 Jun 2026 17:30:00 +0000

Type        Values Removed   Values Added
Weaknesses                   CWE-384
Metrics                      ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 04 Jun 2026 16:45:00 +0000

Type         Values Removed   Values Added
Description                   Improper Authentication (Authentication Bypass) exists in Neterbit NW-431F Router 20241014-IR03 and before. The router uses a weak/predictable cookie value for authentication. By modifying the cookie value (e.g., setting it to "admin"), an attacker can bypass the authentication schema and gain unauthorized access to admin functionalities.
References
Metrics                       cvssV3_1 {'score': 9.8, 'vector': 'CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N'}


MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-06-04T17:07:53.238Z

Reserved: 2025-12-08T00:00:00.000Z

Link: CVE-2025-67446

Vulnrichment

Updated: 2026-06-04T17:07:06.304Z

NVD

Status: Deferred

Published: 2026-06-04T17:16:30.480

Modified: 2026-06-04T19:15:31.080

Link: CVE-2025-67446

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-04T19:30:21Z

Weaknesses