Netis Routers Information Disclosure Vulnerability in skk_get.cgi Component

Vulnerability

A vulnerability allowing remote attackers to access sensitive information exists in several Netis router models, including the Wifi6 Router NX10 (versions 2.0.1.3643 and 2.0.1.3582), Wifi 11AC Router NC65 (version 3.0.0.3749), Wifi 11AC Router NC63 (versions 3.0.0.3327 and 3.0.0.3503), Wifi 11AC Router NC21 (versions 3.0.0.3800, 3.0.0.3500 and 3.0.0.3329), and Wifi Router MW5360 (versions 1.0.1.3442 and 1.0.1.3031). The issue arises from the skk_get.cgi component, where the mode_name and wl_link parameters can be exploited to retrieve sensitive information.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive information.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

2.5

exploitability

7.0

remediation

0.0

relevance

0.0

threat

1.4

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

2.5

exploitability

7.0

remediation

0.0

relevance

0.0

threat

1.4

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Netis Routers Information Disclosure Vulnerability in skk_get.cgi Component

Vulnerability

Impact

Affected Products

Netis Wifi Router MW5360

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating