Netgear WNDAP350 Root Password Disclosure



EKU-ID: 405 CVE: OSVDB-ID:
Author: Juerd Waalboer Published: 2011-06-02 Verified: Not Verified
Download:

Rating

☆☆☆☆☆
Home


https://revspace.nl/RevelationSpace/NewsItem11x05x30x0

Summary:

    * http://192.168.0.237/downloadFile.php reveals secrets
    * http://192.168.0.237/BackupConfig.php reveals secrets
    * Included in the exposed secrets: root password and WPA2 keys
    * The PHPs do not require authentication
    * Vulnerable versions: 2.0.1, 2.0.9 (latest)
-- 
Met vriendelijke groet, // Kind regards, // Korajn salutojn,

Juerd Waalboer  <juerd@tnx.nl>
TNX

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/