CVE-2018-21125

Vulnerability

An authentication bypass vulnerability (PSV-2018-0261) exists in NETGEAR WAC510 access points running firmware versions prior to 5.0.0.17 [1]. The exact mechanism is not detailed in the advisory, but the vulnerability allows an attacker to bypass the authentication mechanism of the device's management interface or other protected functions.

Exploitation

An attacker can exploit this vulnerability without authentication over the local network. The CVSS vector (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) indicates the attack is launched from an adjacent network, requires low complexity, and no user interaction [1]. The attacker must be within wireless range or have network access to the device's management interface.

Impact

Successful exploitation grants the attacker high impact confidentiality, integrity, and availability compromise [1]. The attacker can gain complete control over the device, potentially reading sensitive data, modifying configuration, or disrupting normal operation.

Mitigation

NETGEAR released firmware version 5.0.0.17 to address this vulnerability [1]. Users should download and install the latest firmware from NETGEAR Support. No workarounds other than updating to the fixed version are currently available.