CVE-2024-23309

The LevelOne WBR-6012 router with firmware R0.40e6 has an authentication bypass vulnerability in its web application due to reliance on client IP addresses for authentication. Attackers could spoof an IP address to gain unauthorized access without needing a session token.

CVSS v3 8.1 HIGH

8.1^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://talosintelligence.com/vulnerability_reports/TALOS-2024-1996	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:level1:wbr-6012_firmware:r0.40e6:*:*:*:*:*:*:*

cpe:2.3:h:level1:wbr-6012:-:*:*:*:*:*:*:*

History

08 Nov 2024, 18:27

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~9.0~~	v2 : unknown v3 : 8.1
References	~~() https://talosintelligence.com/vulnerability_reports/TALOS-2024-1996 -~~	() https://talosintelligence.com/vulnerability_reports/TALOS-2024-1996 - Exploit, Third Party Advisory
CPE		cpe:2.3:h:level1:wbr-6012:-:::::::* cpe:2.3:o:level1:wbr-6012_firmware:r0.40e6:::::::*
First Time		Level1 Level1 wbr-6012 Level1 wbr-6012 Firmware

01 Nov 2024, 12:57

Type	Values Removed	Values Added
Summary		(es) El enrutador LevelOne WBR-6012 con firmware R0.40e6 tiene una vulnerabilidad de omisión de autenticación en su aplicación web debido a que depende de las direcciones IP del cliente para la autenticación. Los atacantes podrían falsificar una dirección IP para obtener acceso no autorizado sin necesidad de un token de sesión.

30 Oct 2024, 14:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-10-30 14:15

Updated : 2024-11-08 18:27

NVD link : CVE-2024-23309

Mitre link : CVE-2024-23309

CVE.ORG link : CVE-2024-23309

JSON object : View

Products Affected

level1

wbr-6012
wbr-6012_firmware

CWE

CWE-291

Reliance on IP Address for Authentication

{"id": "CVE-2024-23309", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}, {"type": "Secondary", "source": "talos-cna@cisco.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.0, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 2.2}]}, "published": "2024-10-30T14:15:04.153", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1996", "tags": ["Exploit", "Third Party Advisory"], "source": "talos-cna@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "talos-cna@cisco.com", "description": [{"lang": "en", "value": "CWE-291"}]}], "descriptions": [{"lang": "en", "value": "The LevelOne WBR-6012 router with firmware R0.40e6 has an authentication bypass vulnerability in its web application due to reliance on client IP addresses for authentication. Attackers could spoof an IP address to gain unauthorized access without needing a session token."}, {"lang": "es", "value": "El enrutador LevelOne WBR-6012 con firmware R0.40e6 tiene una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n en su aplicaci\u00f3n web debido a que depende de las direcciones IP del cliente para la autenticaci\u00f3n. Los atacantes podr\u00edan falsificar una direcci\u00f3n IP para obtener acceso no autorizado sin necesidad de un token de sesi\u00f3n."}], "lastModified": "2024-11-08T18:27:00.643", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:level1:wbr-6012_firmware:r0.40e6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FCC94B2E-4651-4E98-90A1-CB53CC2E24CC"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:level1:wbr-6012:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1FD255E3-0DBF-440C-AC6A-90B30DB59B34"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "talos-cna@cisco.com"}