Summary
The remote Linksys/Netgear Router has a backdoor on port 32764
Impact
An attacker can exploit this issue to disclose sensitive information
this may aid in further attacks.
Solution
Ask the Vendor for an update.
Insight
By sending a special crafted request to port 32764 of the router, it is possible to gather e.g. the http username and http password or to change some configuration options which could lead in a shutdown of the internet connection.
Affected
Backdoor confirmed in:
Linksys WAG200G
Netgear DM111Pv2
Linksys WAG320N
Backdoor may be present in:
NetGear DG934
Netgear DG834
Netgear WPNT834
Netgear DG834G
Netgear WG602,
Netgear WGR614,
Netgear DGN200
Linksys WAG120N,
Linksys WAG160N,
Linksys WRVS4400N
The backdoor may be also present in other hardware.
Detection
Send a special crafted request and check the response.
References
Updated on 2015-03-25
Severity
Classification
-
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe AIR Multiple Vulnerabilities-01 Dec13 (Windows)
- Adobe Flash Player Arbitrary Code Execution Vulnerability (Linux)
- Adobe Flash Player Arbitrary Code Execution Vulnerability - 01 Feb14 (Linux)
- Adobe Flash Player Arbitrary Code Execution Vulnerability - 01 Feb14 (Windows)
- Adobe Air Multiple Vulnerabilities -01 August 12 (Mac OS X)