cvedb.io
CVE-2025-5495
HIGH · CVSS 7.3
EPSS exploitation probability: 0%
Published 2025-06-03T13:15:21.123 · Last modified 2026-06-17T09:48:01.790

Summary

A vulnerability was found in Netgear WNR614 1.1.0.28_1.0.1WW. It has been classified as critical. This affects an unknown part of the component URL Handler. The manipulation with the input %00currentsetting.htm leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This issue appears to have been circulating as an 0day since 2024.

Affected products

netgear — wnr614_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when netgear ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.