Details of VAR-E-201510-0135

ID

VAR-E-201510-0135

TITLE

Multiple NetGear Routers Remote Authentication Bypass Vulnerability

Trust: 0.3

sources: BID: 77032

DESCRIPTION

Multiple NetGear Routers are prone to a remote authentication-bypass vulnerability.
An attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions.

Trust: 0.3

sources: BID: 77032

AFFECTED PRODUCTS

vendor:	netgear	model:	wnr618	scope:	eq	version:	0	Trust: 0.3
vendor:	netgear	model:	wnr614	scope:	eq	version:	0	Trust: 0.3
vendor:	netgear	model:	wnr2020	scope:	eq	version:	0	Trust: 0.3
vendor:	netgear	model:	wnr1000v4	scope:	eq	version:	1.1.0.31	Trust: 0.3
vendor:	netgear	model:	wnr1000v4	scope:	eq	version:	1.1.0.28	Trust: 0.3
vendor:	netgear	model:	r3250	scope:	eq	version:	0	Trust: 0.3
vendor:	netgear	model:	n300	scope:	eq	version:	0	Trust: 0.3
vendor:	netgear	model:	jwnr2010v5	scope:	eq	version:	1.1.0.31	Trust: 0.3
vendor:	netgear	model:	jwnr2000v5	scope:	eq	version:	1.1.0.31	Trust: 0.3
vendor:	netgear	model:	jnr3000	scope:	eq	version:	0	Trust: 0.3
vendor:	netgear	model:	jnr1010v2	scope:	eq	version:	0	Trust: 0.3

sources: BID: 77032

EXPLOIT

Attackers can use standard commands to exploit this issue.
The following exploit is available:
Bullet list:
<li><a href="/data/vulnerabilities/exploits/77032.py">/data/vulnerabilities/exploits/77032.py</a></li>

Trust: 0.3

sources: BID: 77032

PRICE

Free

Trust: 0.3

sources: BID: 77032

TYPE

Access Validation Error

Trust: 0.3

sources: BID: 77032

CREDITS

Daniel Haake

Trust: 0.3

sources: BID: 77032

EXTERNAL IDS

db:

BID

id:

77032

Trust: 0.3

sources: BID: 77032

REFERENCES

url:	http://seclists.org/fulldisclosure/2015/oct/31	Trust: 0.3
url:	http://www.shellshocklabs.com/2015/09/part-1en-hacking-netgear-jwnr2010v5.html	Trust: 0.3
url:	http://www.netgear.com	Trust: 0.3
url:	http://www.csnc.ch/misc/files/advisories/csnc-2015-007_netgear_wnr1000v4_authbypass.txt	Trust: 0.3

sources: BID: 77032

SOURCES

db:

BID

id:

77032

LAST UPDATE DATE

2022-07-27T09:58:38.781000+00:00

SOURCES UPDATE DATE

db:

BID

id:

77032

date:

2015-10-07T00:00:00

SOURCES RELEASE DATE

db:

BID

id:

77032

date:

2015-10-07T00:00:00