KAON KCM3100 Authentication Bypass Vulnerability

Vulnerability

An authentication bypass vulnerability has been identified in the KAON KCM3100 gateway, specifically in versions through 1.4.2. This vulnerability allows an attacker to bypass authentication from within the local area network (LAN) to which the device is connected.

Impact

Successful exploitation bypasses the device's authentication, potentially leading to unauthorized access to, or unauthorized actions on, the device.

Remediation

Users are advised to update the firmware to the latest version, 1.4.8, which is being rolled out gradually starting June 17, 2025. After the update, the modem should be restarted to apply the new version.

Added: Jun 18, 2025, 5:17 AM
Updated: Jun 18, 2025, 5:17 AM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 7.5
exploitability: 4.9
remediation: 7.7
relevance: 0.2
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.