CVE 9.8 CRITICAL

CVE-2025-67446_CVE-2025-67446

June 4, 2026 invoker category_cve

9.8 / 10

CRITICAL

CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N

Description

Improper Authentication (Authentication Bypass) exists in Neterbit NW-431F Router 20241014-IR03 and before. The router uses a weak/predictable cookie value for authentication. By modifying the cookie value (e.g., setting it to "admin"), an attacker can bypass the authentication schema and gain unauthorized access to admin functionalities.

AI Analysis

Improper Authentication vulnerability allowing attackers to bypass authentication schema and gain unauthorized access to admin functionalities

Basic Information

ID CVE-2025-67446

Source mitre

Published Jun 4, 2026 at 00:00

Modified Jun 4, 2026 at 17:07

Affected Product

Vendor Neterbit

Product NW-431F Router

Version 20241014-IR03 and before

Affected Versions n/a n/a n/a

CWE Classification

CWE-384

AI Assessment

AI Score 9.8 / 10

AI Severity Critical

Vendor Neterbit

Product NW-431F Router

Version 20241014-IR03 and before

References

{
    "lastseen": "",
    "description": "Improper Authentication (Authentication Bypass) exists in Neterbit NW-431F Router 20241014-IR03 and before. The router uses a weak/predictable cookie value for authentication. By modifying the cookie value (e.g., setting it to \"admin\"), an attacker can bypass the authentication schema and gain unauthorized access to admin functionalities.",
    "published": "2026-06-04T00:00:00.000Z",
    "modified": "2026-06-04T17:07:53.238Z",
    "type": "cve",
    "title": "CVE-2025-67446",
    "source": "mitre",
    "references": "https://neterbit.com/\nhttps://github.com/fun-beep/CVEs/tree/main/CVE-2025-67446",
    "id": "CVE-2025-67446",
    "bulletinFamily": "",
    "cwe": [
        "CWE-384"
    ],
    "cvelist": null,
    "sourceData": "n/a n/a n/a",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "NW-431F Router",
    "version": "20241014-IR03 and before",
    "vendor": "Neterbit",
    "ai_description": "Improper Authentication vulnerability allowing attackers to bypass authentication schema and gain unauthorized access to admin functionalities",
    "ai_severity": "Critical",
    "ai_vendor": "Neterbit",
    "ai_product": "NW-431F Router",
    "ai_version": "20241014-IR03 and before",
    "ai_score": 9.8
}

💭 Join the Security Discussion ❌ Cancel Reply