First published: Wed Oct 30 2024(Updated: )
The LevelOne WBR-6012 router with firmware R0.40e6 has an authentication bypass vulnerability in its web application due to reliance on client IP addresses for authentication. Attackers could spoof an IP address to gain unauthorized access without needing a session token.
Credit: talos-cna@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
Level1 WBR-6012 Firmware | =r0.40e6 | |
Level1 WBR-6012 Firmware |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-23309 has a high severity level due to its potential for unauthorized access to the router.
To fix CVE-2024-23309, update the LevelOne WBR-6012 router firmware to a version that addresses this vulnerability.
Users of the LevelOne WBR-6012 router firmware R0.40e6 are affected by CVE-2024-23309.
CVE-2024-23309 is classified as an authentication bypass vulnerability.
Attackers can exploit CVE-2024-23309 to gain unauthorized access to the router by spoofing an IP address.