Orbe ONetView Roteador Privilege Escalation Vulnerability
Vulnerability
A privilege escalation vulnerability has been identified in the Orbe ONetView Roteador Onet-1200, in version Orbe 1680210096. It allows remote attackers to escalate privileges by changing the status code of the server's response from 500 to 200.
Impact
Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing an attacker to gain elevated rights on the affected device.
Reproduction
To reproduce this vulnerability, access the router's menu page and click on any option, which will trigger a 500 error response. This error can be intercepted and modified using a tool like Burp Suite, changing the response status code to 200. Once the status code is altered, access to the router's configuration page is granted, enabling the execution of administrative tasks.
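A status-code rewrite only works when the decision to grant access is left to whatever reads the response, so the mitigation is to decide authorization on the device for every request and return no protected content on refusal. The sketch below is an added example, not Orbe firmware code or part of the original advisory; the handlers, session tokens, roles and paths are hypothetical, and it assumes the web UI gates the configuration page on the response status.

```javascript
// Added illustration, not Orbe firmware code. Names, tokens and paths are hypothetical.

// Constructed session store: token -> role, held only on the device.
const SESSIONS = new Map([
  ["tok-admin", "admin"],
  ["tok-guest", "guest"],
]);
const ADMIN_PATHS = new Set(["/config/wan", "/config/password"]);

// Weak pattern: the refusal exists only as a status code; the protected
// body is sent anyway and the client is trusted to honour the status.
function weakHandler(req) {
  const role = SESSIONS.get(req.token);
  const status = role === "admin" ? 200 : 500;
  return { status, body: `settings for ${req.path}` };
}

// Client-side gate that trusts the status code it received.
function uiAllows(response) {
  return response.status === 200;
}

// Hardened pattern: authorization is decided on the device for every
// request, and a refused request carries no protected content at all.
function hardenedHandler(req) {
  const role = SESSIONS.get(req.token);
  if (!role) return { status: 401, body: "" };
  if (ADMIN_PATHS.has(req.path) && role !== "admin") return { status: 403, body: "" };
  return { status: 200, body: `settings for ${req.path}` };
}

// Models the in-transit status change described in the Reproduction section.
function rewriteStatus(response, status) {
  return { ...response, status };
}

function demo() {
  const req = { token: "tok-guest", path: "/config/wan" };
  const weak = rewriteStatus(weakHandler(req), 200);
  const hard = rewriteStatus(hardenedHandler(req), 200);
  return {
    weakExposesSettings: uiAllows(weak) && weak.body.length > 0,
    hardenedExposesSettings: hard.body.length > 0,
  };
}

console.log(demo());
```

With the hardened handler, a rewritten status changes only what the browser displays; every later configuration request is still checked against the session role on the device.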
