PT-2017-13193 · Ctek · Ctek Skyrouter Series 4400+1

Published

2017-10-04

Updated

2019-10-09

CVE-2017-14000

CVSS v3.1

9.4

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

Name of the Vulnerable Software and Affected Versions Ctek SkyRouter Series 4200 and 4400 versions prior to V6.00.11

Description An issue was discovered that allows a malicious user to access the application without authenticating by accessing a specific URL on the web server.

Recommendations For versions prior to V6.00.11, update to version V6.00.11 or later to resolve the issue.

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2017-14000

Affected Products

Ctek Skyrouter Series 4200

Ctek Skyrouter Series 4400

PT-2017-13193 · Ctek · Ctek Skyrouter Series 4400+1

CVE-2017-14000

Weakness Enumeration

Related Identifiers

Affected Products

References · 4