CVE-2019-12510: Auth Bypass Via X-Forwarded-For Header in SOAP API
First published: Mon Feb 24 2020(Updated: )
In NETGEAR Nighthawk X10-R900 prior to 1.0.4.26, an attacker may bypass all authentication checks on the device's "NETGEAR Genie" SOAP API ("/soap/server_sa") by supplying a malicious X-Forwarded-For header of the device's LAN IP address (192.168.1.1) in every request. As a result, an attacker may modify almost all of the device's settings and view various configuration settings.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Netgear Nighthawk X10-r9000 Firmware | <1.0.4.26 | |
| NETGEAR Nighthawk X10-R9000 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-12510?
CVE-2019-12510 is a vulnerability in NETGEAR Nighthawk X10-R900 prior to 1.0.4.26 that allows an attacker to bypass authentication checks.
How severe is CVE-2019-12510?
CVE-2019-12510 has a severity rating of 9.1 (Critical).
How does CVE-2019-12510 work?
CVE-2019-12510 allows an attacker to bypass all authentication checks on the device's NETGEAR Genie SOAP API by supplying a malicious X-Forwarded-For header.
What is the affected software of CVE-2019-12510?
The affected software of CVE-2019-12510 is NETGEAR Nighthawk X10-R900 firmware versions up to 1.0.4.26.
Is NETGEAR Nighthawk X10-R9000 vulnerable to CVE-2019-12510?
No, NETGEAR Nighthawk X10-R9000 is not vulnerable to CVE-2019-12510.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/author
- agent/references
- agent/title
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- agent/tags
- agent/source
- vendor/netgear
- canonical/netgear nighthawk x10-r9000 firmware
- canonical/netgear nighthawk x10-r9000