NETGEAR WNR1000v3 Password Disclosure Vulnerability

Summary
Newer firmware versions of the Netgear N150 WNR1000v3 wireless router are affected by a password recovery vulnerability. Exploiting this vulnerability allows an attacker to recover the router's (plaintext) Administrator credentials and subsequently gain full access to the device. This vulnerability can be exploited remotely if the remote administration access feature is enabled (as well as locally via wired or wireless access).
Impact
An attacker can exploit this issue to bypass certain security restrictions and gain unauthorized administrative access to the affected application.
Solution
Ask the Vendor for an update.
Insight
Netgear WNR1000v3 routers suffer from a flaw in the password recovery flow that allows for disclosure of the plaintext router credentials.
Affected
Tested Device Firmware Versions: V1.0.2.60_60.0.86 and V1.0.2.54_60.0.82NA
Detection
Send a specially crafted request to determine whether it is possible to read the username and password.