netgear wnap320 router WNAP320_V2.0.3_firmware is... · CVE-2022-31876 · GitHub Advisory Database · GitHub

netgear wnap320 router WNAP320_V2.0.3_firmware is...

Moderate severity Unreviewed Published Jun 18, 2022 to the GitHub Advisory Database • Updated Jan 27, 2023

Package

No package listed— Suggest a package

Affected versions

Unknown

Patched versions

Unknown

Description

netgear wnap320 router WNAP320_V2.0.3_firmware is vulnerable to Incorrect Access Control via /recreate.php, which can leak all users cookies.

References

Published by the National Vulnerability Database

Jun 17, 2022

Published to the GitHub Advisory Database Jun 18, 2022

Last updated Jan 27, 2023

Severity

Moderate

/ 10

CVSS v3 base metrics

Attack vector

Network

Attack complexity

Low

Privileges required

None

User interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N