How severe is CVE-2023-41183?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.8 out of 10.

What type of vulnerability is CVE-2023-41183?

This is classified as CWE-306, which is a common weakness in software security.

CVE-2023-41183 - HIGH Severity | CVSS 8.8

Vulnerability Description

NETGEAR Orbi 760 SOAP API Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR Orbi 760 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the SOAP API. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-20524.

Related Vulnerabilities

CVE-2016-6541

HIGH

CVSS:8.8(High)

TrackR Bravo device allows unauthenticated pairing, which enables unauthenticated connected applications to write to various device attributes. Updated apps, version 5.1.6 for iOS and 2.2.5 for Androi...

CWE-3062016

CVE-2016-7830

HIGH

CVSS:8.8(High)

Sony PCS-XG100, PCS-XG100S, PCS-XG100C, PCS-XG77, PCS-XG77S, PCS-XG77C devices with firmware versions prior to Ver.1.51 and PCS-XC1 devices with firmware version prior to Ver.1.22 allow an attacker on...

CWE-3062016

CVE-2017-10854

HIGH

CVSS:8.8(High)

Corega CG-WGR1200 firmware 2.20 and earlier allows an attacker to bypass authentication and change the login password via unspecified vectors.

CWE-3062017

CVE-2018-0521

HIGH

CVSS:8.8(High)

Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to bypass authentication and execute arbitrary commands on the device via unspecified vectors.

CWE-3062018

CVE-2018-0554

HIGH

CVSS:8.8(High)

Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to bypass authentication and execute arbitrary commands on the device via unspecified vectors.

CWE-3062018

CVE-2018-11476

HIGH

CVSS:8.8(High)

An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The dongle opens an unprotected wireless LAN that cannot be configured with encryption or a password. This enables anyone within the ...

CWE-3062018