Netis Routers Information Disclosure Vulnerability

Vulnerability

A vulnerability allowing remote attackers to access sensitive information exists in multiple Netis router models, including the Wifi6 Router NX10 (versions 2.0.1.3643 and 2.0.1.3582), Wifi 11AC Router NC65 (version 3.0.0.3749), Wifi 11AC Router NC63 (versions 3.0.0.3327 and 3.0.0.3503), Wifi 11AC Router NC21 (versions 3.0.0.3800, 3.0.0.3500 and 3.0.0.3329), and Wifi Router MW5360 (versions 1.0.1.3442 and 1.0.1.3031). The issue arises from the endpoint /cgi-bin/skk_set.cgi and the binary /bin/scripts/start_wifi.sh, which can be exploited to retrieve confidential information.

Impact

Exploitation of this vulnerability leads to unauthorized access to sensitive information.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

2.5

exploitability

7.0

remediation

0.0

relevance

0.0

threat

1.3

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

2.5

exploitability

7.0

remediation

0.0

relevance

0.0

threat

1.3

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Netis Routers Information Disclosure Vulnerability

Vulnerability

Impact

Affected Products

Netis Wifi Router MW5360

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating