CVE-2025-67446 in NW-431Finfo

Summary

by MITRE • 06/04/2026

Improper Authentication (Authentication Bypass) exists in Neterbit NW-431F Router 20241014-IR03 and before. The router uses a weak/predictable cookie value for authentication. By modifying the cookie value (e.g., setting it to "admin"), an attacker can bypass the authentication schema and gain unauthorized access to admin functionalities.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsible

MITRE

Reservation

12/08/2025

Disclosure

06/04/2026

Moderation

accepted

Entry

VDB-368386

CPE

ready

CWE

CWE-287 (confirmed)

CVSS

9.8 (CNA)

EPSS

0.00080

KEV

Activities

low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-67446
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-67446
CVE Details	https://www.cvedetails.com/cve/CVE-2025-67446/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!