NetComm NF20MESH < R6B032 Hardcoded AES Key Authentication Bypass

9.2 / 10

CRITICAL

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

NetComm NF20MESH routers running firmware R6B031 and earlier contain an authentication bypass vulnerability that allows unauthenticated attackers to gain administrative access by exploiting a hardcoded AES-256 key used to encrypt session cookies for the web management interface. Attackers can forge a valid encrypted session cookie using the shared hardcoded key and bypass authentication checks to obtain full administrative control of the management interface while any legitimate administrator session is active.

AI Analysis

Authentication bypass vulnerability in NetComm NF20MESH routers due to hardcoded AES-256 key

Basic Information

ID CVE-2026-35019

Source VulnCheck

Published Jun 23, 2026 at 13:48

Modified Jun 23, 2026 at 15:11

Affected Product

Vendor NetComm Wireless Pty Ltd

Product NF20MESH

Affected Versions NetComm Wireless Pty Ltd NF20MESH 0

CWE Classification

CWE-321

AI Assessment

AI Score 9.2 / 10

AI Severity Critical

Vendor NetComm Wireless Pty Ltd

Product NF20MESH

Version R6B031 and earlier

References

{
    "lastseen": "",
    "description": "NetComm NF20MESH routers running firmware R6B031 and earlier contain an authentication bypass vulnerability that allows unauthenticated attackers to gain administrative access by exploiting a hardcoded AES-256 key used to encrypt session cookies for the web management interface. Attackers can forge a valid encrypted session cookie using the shared hardcoded key and bypass authentication checks to obtain full administrative control of the management interface while any legitimate administrator session is active.",
    "published": "2026-06-23T13:48:49.972Z",
    "modified": "2026-06-23T15:11:17.525Z",
    "type": "cve",
    "title": "NetComm NF20MESH < R6B032 Hardcoded AES Key Authentication Bypass",
    "source": "VulnCheck",
    "references": "https://signal11.io/advisories/netcomm-nf20-mesh-authentication-bypass\nhttps://support.netcommwireless.com/api/Media/Firmware/4407c21d-e990-49a4-9754-b72475f20c76?Product=NF20MESH%20Release%20Notes.pdf\nhttps://support.netcommwireless.com/products/nf20mesh#Firmware\nhttps://www.vulncheck.com/advisories/netcomm-nf20mesh-r6b032-hardcoded-aes-key-authentication-bypass",
    "id": "CVE-2026-35019",
    "bulletinFamily": "",
    "cwe": [
        "CWE-321"
    ],
    "cvelist": null,
    "sourceData": "NetComm Wireless Pty Ltd NF20MESH 0",
    "sourceHref": "",
    "cvss": {
        "score": 9.2,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "NF20MESH",
    "version": "0",
    "vendor": "NetComm Wireless Pty Ltd",
    "ai_description": "Authentication bypass vulnerability in NetComm NF20MESH routers due to hardcoded AES-256 key",
    "ai_severity": "Critical",
    "ai_vendor": "NetComm Wireless Pty Ltd",
    "ai_product": "NF20MESH",
    "ai_version": "R6B031 and earlier",
    "ai_score": 9.2
}

NetComm NF20MESH < R6B032 Hardcoded AES Key Authentication Bypass_CVE-2026-35019