CVE-2025-67446
Description
Neterbit NW-431F Router is vulnerable to authentication bypass via predictable cookie values, allowing unauthorized admin access.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
Improper Authentication (Authentication Bypass) exists in Neterbit NW-431F Router software version 20241014-IR03 and earlier. The router utilizes a weak and predictable cookie value for its authentication mechanism. By manipulating this cookie, an attacker can bypass the intended authentication process [1].
Exploitation
An attacker can exploit this vulnerability by modifying the "username" cookie to "admin" and then sending a request to the root page or a new request with the modified cookie. This allows them to gain unauthorized access to administrative functionalities without proper authentication [1].
Impact
Successful exploitation of this vulnerability grants an attacker unauthorized access to the router's administrative functionalities. This could lead to a complete compromise of the device's configuration and potentially allow for further network manipulation [1].
Mitigation
A fixed version for the Neterbit NW-431F Router is not yet available. Users are advised to monitor Neterbit's official channels for updates. No workarounds or EOL status are disclosed in the available references [1, 2].
AI Insight generated on Jun 4, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: <=20241014-IR03
Patches
No patches discovered yet.
Vulnerability mechanics
Root cause
"The router uses a weak and predictable cookie value for authentication, allowing unauthorized access."
Attack vector
An attacker can exploit this vulnerability by modifying the 'username' cookie value to 'admin' on the login page. After changing the cookie, the attacker can send a request to the root page or include the modified cookie in a new request. This action bypasses the authentication mechanism, granting the attacker unauthorized administrative privileges [1]. The vulnerability is accessible over the network without requiring user interaction or prior privileges.
Affected code
The vulnerability affects the Neterbit NW-431F Router with software version NW-431F-20241014-IR03 and earlier [1]. The specific code responsible for cookie handling and authentication is not detailed in the provided information.
What the fix does
The advisory does not specify a fixed version or provide details on a patch. It indicates that a fixed version is not yet available. Users are advised to consult the vendor for remediation guidance.
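The flaw class described above, shown as an added example rather than code from the advisory or the NW-431F firmware (whose cookie handling is not published): a check that trusts a client-set "username" cookie, beside a server-side session keyed by an unguessable token. The "session" cookie name, SessionStore, check_password and the credential are assumptions constructed for illustration.

```python
import hashlib
import hmac
import secrets
import time

# Constructed credential for the demo; a real device would load a per-device hash.
_SALT = b"constructed-salt"
_ADMIN_HASH = hashlib.pbkdf2_hmac("sha256", b"constructed-password", _SALT, 100_000)

def check_password(username, password):
    """Verify the submitted password against the stored hash in constant time."""
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), _SALT, 100_000)
    return username == "admin" and hmac.compare_digest(digest, _ADMIN_HASH)

def is_admin_weak(cookies):
    """Flawed pattern: identity is taken from a cookie the client fully controls."""
    return cookies.get("username") == "admin"

class SessionStore:
    """Hardened pattern: the cookie is only a random handle to server-side state."""

    def __init__(self, ttl_seconds=900):
        self._sessions = {}  # token -> (username, expiry on the monotonic clock)
        self._ttl = ttl_seconds

    def login(self, username, password):
        """Issue a 256-bit random token only after the password has been verified."""
        if not check_password(username, password):
            return None
        token = secrets.token_urlsafe(32)
        self._sessions[token] = (username, time.monotonic() + self._ttl)
        return token

    def user_for(self, cookies):
        """Resolve the session cookie to a user; unknown or expired tokens fail."""
        entry = self._sessions.get(cookies.get("session", ""))
        if entry is None:
            return None
        username, expires = entry
        if time.monotonic() >= expires:
            del self._sessions[cookies["session"]]
            return None
        return username

    def is_admin(self, cookies):
        """Any 'username' cookie is ignored; only server-side state decides."""
        return self.user_for(cookies) == "admin"
```

When the token is delivered to a browser, it should be set with the HttpOnly and Secure cookie attributes.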
Preconditions
- network: The attacker must have network access to the router's login page.
- input: The attacker needs to be able to intercept and modify HTTP requests, specifically the 'username' cookie.
Reproduction
1. Open the login page (https://192.168.1.1/login.asp).
2. Change the "username" cookie value to "admin".
3. Send a request to the root page (https://192.168.1.1/) or send the modified cookie in a new request.
4. Observe that the application grants admin privileges without proper authentication [1].
Generated on Jun 4, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
News mentions
No linked articles in our index yet.