Global infos:

The LevelOne WBR-6012 router with firmware R0.40e6 has an authentication bypass vulnerability in its web application due to reliance on client IP addresses for authentication. Attackers could spoof an IP address to gain unauthorized access without needing a session token.

CVE Status: Modified

References:

[email protected]

af854a3a-2127-422b-91ae-364da2661108

Metrics:

Attribute	Value
Attack Complexity	HIGH
Attack Vector	NETWORK
Availability Impact	HIGH
Base Score	9
Base Severity	CRITICAL
Confidentiality Impact	HIGH
Integrity Impact	HIGH
Privileges Required	NONE
Scope	CHANGED
User Interaction	NONE
Vector String	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Exploitability Score	2.2
Impact Score	6
Source	[email protected]
Type	Secondary

Links:

Exploit-db
Github