0day.today - Biggest Exploit Database in the World.
Things you should know about 0day.today:
Administration of this site uses the official contacts. Beware of impostors!
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn GOLD
Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!
Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Netgear DGN2200 / DGND3700 / WNDR4500 Information Disclosure Vulnerability
Author
Risk
[
Security Risk Medium
]0day-ID
Category
Date add
CVE
Platform
# Title: Netgear DGN2200, DGND3700 and WNDR4500 Multiple Information Disclosure Vulnerabilities # Author: Mandar jadhav # Vendor Homepage: https://www.netgear.com/ # CVE's : CVE-2016-5649, CVE-2016-5638 1. Admin password disclosure (CVE-2016-5649) A vulnerability is in the 'BSW_cxttongr.htm' page which can allow a remote attacker to access this page without any authentication. When processed, it exposes adminas password in clear text before it gets redirected to absw_vfysucc.cgia. An attacker can use this password to gain administrator access of the targeted routeras web interface. Affected Models: Netgear DGN2200 running firmware version DGN2200-V1.0.0.50_7.0.50 Netgear DGND3700 running firmware version DGND3700-V1.0.0.17_1.0.17 Solution: Netgear has released firmware version 1.0.0.52 for DGN2200 & 1.0.0.28 for DGND3700 to address this issue 2. SSID & wireless key Disclosure (CVE-2016-5638) There are few web pages associated with the genie app. Genie app adds some capabilities over the Web GUI and can be accessed even when you are away from home. A remote attacker can access genie_ping.htm or genie_ping2.htm or genie_ping3.htm page without authentication. Once accessed, the page will be redirected to the aCongratulations2.htma page, which reveals some sensitive information such as 2.4GHz & 5GHz Wireless Network Name (SSID) and Network Key (Password) in clear text. Affected Models: Netgear WNDR4500 running firmware version V1.0.1.40_1.0.68 Solution: WNDR4500v1 has reached the End of Life so Netgear wonat be releasing any updates for this. ## History 23.06.2016 - Initial contact to Netgear 24.06.2016 - Reported all details to Netgear 01.07.2016 - Email sent to Netgear asking for status update, no response 14.07.2016 - Email sent to Netgear asking for status update, no response 26.07.2016 - Netgear confirms findings 31.08.2016 - Email sent to Netgear asking for status update 02.09.2016 - Received reply from Netgear that they will be releasing a fix for this 23.12.2016 - Netgear informs that vulnerability has been fixed in the new version Thanks, Mandar # 0day.today [2024-12-25] #