CVE-2023-1327

Netgear RAX30 (AX2400), prior to version 1.0.6.74, was affected by an authentication bypass vulnerability, allowing an unauthenticated attacker to gain administrative access to the device's web management interface by resetting the admin password.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
tenableCNA
---
---
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 30%
VendorProductVersion
netgearrax30_firmware
𝑥
< 1.0.6.74
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://drupal9.tenable.com/security/research/tra-2023-10
https://github.com/advisories/GHSA-pvxx-rv48-qw5m
https://drupal9.tenable.com/security/research/tra-2023-10