KeeneticOS CRLF Injection Vulnerability in the Authentication API Endpoint

Vulnerability

A CRLF injection vulnerability has been identified in KeeneticOS versions prior to 4.3, specifically at the '/auth' API endpoint. This vulnerability allows remote attackers to manipulate HTTP headers and inject unauthorized commands. Exploitation involves adding new administrative users, thereby gaining control of the affected device. The attack requires the victim to open a specially crafted page.
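As an added illustration, not code from Keenetic or from this advisory: a Python helper that refuses header values containing raw or percent-encoded CR/LF (the server-side check that closes this bug class), plus a log check that flags requests to /auth whose query decodes to CR or LF. The access-log lines and the `next` redirect parameter are constructed for the example; the advisory does not name the injectable parameter.

```python
import re
from urllib.parse import unquote

# CR and LF terminate a header line in HTTP/1.x, so a user-controlled value
# containing either (raw, or percent-encoded and decoded later) must never be
# copied into a response header.
_CRLF = re.compile(r"[\r\n]")


class HeaderInjectionError(ValueError):
    """Raised when a header value would split the response header block."""


def has_crlf(value: str) -> bool:
    """True if value contains CR/LF after URL-decoding (covers raw %0d/%0a too)."""
    return _CRLF.search(unquote(value)) is not None


def safe_header_value(value: str) -> str:
    """Return value unchanged only if it is safe to place in an HTTP header."""
    if has_crlf(value):
        raise HeaderInjectionError("CR/LF in header value")
    return value


def build_redirect_header(path: str) -> list:
    """Hardened form of emitting 'Location: <user-controlled path>'."""
    return [("Location", safe_header_value(path))]


# Constructed access-log lines (not from a real device), common log format.
# The third line carries a percent-encoded CR/LF in the hypothetical `next` parameter.
SAMPLE_LOG = """\
192.0.2.10 - - [23/Oct/2025:15:20:01 +0000] "POST /auth HTTP/1.1" 200 512
192.0.2.11 - - [23/Oct/2025:15:20:05 +0000] "GET /auth?next=%2Fstatus HTTP/1.1" 302 0
192.0.2.12 - - [23/Oct/2025:15:20:09 +0000] "GET /auth?next=%2F%0d%0aX-Injected%3A%201 HTTP/1.1" 302 0
"""

_REQUEST = re.compile(r'"(?:GET|POST|PUT|DELETE) (\S+) HTTP/')


def flag_crlf_requests(log_text: str, endpoint: str = "/auth") -> list:
    """Return request targets for `endpoint` whose path or query decodes to CR/LF."""
    hits = []
    for line in log_text.splitlines():
        match = _REQUEST.search(line)
        if match is None:
            continue
        target = match.group(1)
        if target.split("?", 1)[0] == endpoint and has_crlf(target):
            hits.append(target)
    return hits
```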

Impact

Exploitation of this vulnerability could lead to unauthorized user management actions, allowing attackers to gain administrative control over the device.

Remediation

Users are advised to upgrade to KeeneticOS 4.3, which addresses this vulnerability. Firmware updates can be applied through the device's web interface or the Keenetic mobile app.

Added: Oct 23, 2025, 3:20 PM
Updated: Oct 23, 2025, 5:29 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 7.5
exploitability: 6.4
remediation: 7.7
relevance: 0.8
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.