CVE-2017-5521

NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900 va R8 qurilmalarida muammo aniqlandi. Ular veb boshqaruv serveriga oddiy tayyorlangan so'rovlar orqali parolni oshkor qilishga moyil. Masofadan boshqarish opsiyasi o'rnatilgan bo'lsa, xato masofadan turib ishlatilishi mumkin va LAN yoki WLAN orqali routerga kirish imkoni bilan ham foydalanish mumkin. Veb-panelga kirishga urinayotganda, foydalanuvchidan autentifikatsiya qilish so'raladi; autentifikatsiya bekor qilinsa va p

CVSS Vector

Manbalar

• http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability
• http://www.securityfocus.com/bid/95457
• https://www.exploit-db.com/exploits/41205/
• http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability
• http://www.securityfocus.com/bid/95457