Kaysus Ks-Wr3600 Firmware vulnerabilities
3 known vulnerabilities affecting kaysus/ks-wr3600_firmware.
Total CVEs: 3
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 2
Vulnerabilities
CVE-2025-68717 | Priority P2 | CRITICAL | CVSS 9.4 | Affected firmware 1.0.5.9.1 | 2026-01-08 | CWE-287 (Improper Authentication)
KAYSUS KS-WR3600 routers with firmware 1.0.5.9.1 allow authentication bypass during session validation. If any user is logged in, endpoints such as /cgi-bin/system-tool accept unauthenticated requests with empty or invalid session values. This design flaw lets attackers piggyback on another user's active session to retrieve sensitive configuration
Source: NVD
CVE-2025-68719 | Priority P3 | HIGH | CVSS 8.8 | Affected firmware 1.0.5.9.1 | 2026-01-08 | CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor)
KAYSUS KS-WR3600 routers with firmware 1.0.5.9.1 mishandle configuration management. Once any user is logged in and maintains an active session, an attacker can directly query the backup endpoint and download a full configuration archive. This archive contains sensitive files such as /etc/shadow, enabling credential recovery and potential full comprom
Source: NVD
CVE-2025-68716 | Priority P3 | HIGH | CVSS 8.4 | Affected firmware 1.0.5.9.1 | 2026-01-08 | CWE-284 (Improper Access Control)
KAYSUS KS-WR3600 routers with firmware 1.0.5.9.1 have the SSH service enabled by default on the LAN interface. The root account is configured with no password, and administrators cannot disable SSH or enforce authentication via the CLI or web GUI. This allows any LAN-adjacent attacker to trivially gain root shell access and execute arbitrary command
Source: NVD