Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Lifecycle Timeline
4DescriptionCVE.org
A vulnerability was found in Netgear WNR614 1.1.0.28_1.0.1WW. It has been classified as critical. This affects an unknown part of the component URL Handler. The manipulation with the input %00currentsetting.htm leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This issue appears to have been circulating as an 0day since 2024.
AnalysisAI
Critical authentication bypass vulnerability in Netgear WNR614 version 1.1.0.28_1.0.1WW that allows unauthenticated remote attackers to access sensitive configuration files through null-byte injection in the URL handler. The vulnerability affects the %00currentsetting.htm endpoint, enabling attackers to retrieve or modify device settings without credentials. This 0day has been publicly disclosed with proof-of-concept code available, and CVSS 7.3 reflects moderate confidentiality, integrity, and availability impact across network-accessible administration functions.
Technical ContextAI
The vulnerability exploits improper input validation in the URL handler component of the Netgear WNR614 web-based management interface. The null-byte (%00) injection technique bypasses authentication checks by truncating the URL path during processing—a classic path traversal/authentication bypass pattern (CWE-287: Improper Authentication). The affected endpoint currentsetting.htm likely contains sensitive router configuration data including network settings, credentials, and system parameters. CPE identifier: cpe:2.7:o:netgear:wnr614_firmware:1.1.0.28_1.0.1ww:*:*:*:*:*:*:*. The root cause stems from inadequate validation of user-supplied input before authentication middleware processes the request, allowing the null byte to short-circuit authentication checks or cause path confusion in the web server stack.
RemediationAI
Firmware Patch: Check Netgear support site (https://www.netgear.com/support/) for WNR614 firmware updates. Manually enter your device's serial number or model to verify latest available firmware version beyond 1.1.0.28_1.0.1WW. Deploy firmware update via device admin interface (Administration > Firmware Upgrade).; priority: Critical Network Isolation Mitigation: Restrict access to router web interface (default ports 80/443) via firewall rules. Disable remote management if enabled (Administration > Remote Management). Isolate WNR614 management traffic to trusted administrative networks only. Implement IP whitelisting if firewall supports it.; priority: High Credential Hardening: Change default admin credentials immediately (default: admin/password). Use strong, unique credentials for web interface access. This does not mitigate the vulnerability but raises attacker friction.; priority: Medium Device Replacement: If no patched firmware is available, consider replacing WNR614 with current-generation Netgear router models receiving active security support (e.g., WAX200 series or newer).; priority: Medium-Long term
More in Wnr614 Firmware
View allNetgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 was discovered to store credentials in plaintext. Rated high severity (CVS
An issue in Netgear WNR614 JNR1010V2 N300-V1.1.0.54_1.0.1 allows attackers to bypass authentication and access the admin
An issue in the implementation of the WPS in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to gain acce
An issue in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to create passwords that do not conform to de
Netgear WNR614 JNR1010V2 N300-V1.1.0.54_1.0.1 does not properly set the HTTPOnly flag for cookies. Rated medium severity
Insecure permissions in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to access URLs and directories em
Same weakness CWE-287 – Improper Authentication
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-16726