Netgear WNR614 1.1.0.28_1.0.1WW URL Handler auth bypass
CVE-2025-5495 Published on June 3, 2025
Netgear WNR614 URL improper authentication
A vulnerability was found in Netgear WNR614 1.1.0.28_1.0.1WW. It has been classified as critical. This affects an unknown part of the component URL Handler. The manipulation with the input %00currentsetting.htm leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This issue appears to have been circulating as an 0day since 2024.
Timeline
Advisory disclosed
VulDB entry created
VulDB entry last update
Weakness Type
What is an authentification Vulnerability?
When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.
CVE-2025-5495 has been classified to as an authentification vulnerability or weakness.
Products Associated with CVE-2025-5495
Want to know whenever a new CVE is published for Netgear Wnr614 Firmware? stack.watch will email you.
Affected Versions
Netgear WNR614 Version 1.1.0.28_1.0.1WW is affected by CVE-2025-5495Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.