Vulnerabilities > CVE-2016-11014 - Insufficient Session Expiration vulnerability in Netgear Jnr1010 Firmware

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
netgear
CWE-613

Summary

NETGEAR JNR1010 devices before 1.0.0.32 have Incorrect Access Control because the ok value of the auth cookie is a special case.

Vulnerable Configurations

Part Description Count
OS
Netgear
1
Hardware
Netgear
1

Common Weakness Enumeration (CWE)