Primary

Context

NETGEAR WAX610 and WAX610Y Login Credential Logging Vulnerability

Vulnerability

A vulnerability exists in NETGEAR WAX610 and WAX610Y access points, prior to version 10.8.11.4, where login credentials are unintentionally logged if a Syslog Server is configured. This issue allows users with access to the syslog server to read the logs containing these credentials.

Impact

Exposed login credentials in syslog logs, accessible to users with access to the syslog server.

Remediation

Users can update to NETGEAR WAX610 firmware version 11.8.0.10 or later, or WAX610Y firmware version 11.8.0.10 or later. Instructions for downloading the firmware are available on the NETGEAR Download Center.

Added: Nov 11, 2025, 5:31 PM

Updated: Nov 11, 2025, 5:31 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.3

exploitability

5.2

remediation

7.7

relevance

1.0

threat

0.0

urgency

5.7

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.3

exploitability

5.2

remediation

7.7

relevance

1.0

threat

0.0

urgency

5.7

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

NETGEAR WAX610 and WAX610Y Login Credential Logging Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating