ID
VAR-201010-0445
TITLE
Netgear CG3000/CG3100 Cable Gateway Security Bypass and Denial of Service Vulnerability
Trust: 0.6
DESCRIPTION
The Netgear CG3000/CG3100 Cable Gateway is a wired gateway device. The Netgear CG3000/CG3100 Cable Gateway has multiple security vulnerabilities that allow an attacker to escalate privileges or perform denial of service. Access rights are handled incorrectly, allowing the logged in user to load the interface of the \"NETGEAR_SE\" user. The device does not verify the SSH passwords for the \"NETGEAR_SE\" and \"MSO\" users, providing a blank password to bypass the authentication access device. There is an error in the print server. Submitting a special message to the TCP 1024 or 9100 port can cause the device to reset.
Trust: 0.6
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | netgear | model: | cable gateway cg3000/cg3100 | scope: | - | version: | - | Trust: 0.6 |
EXTERNAL IDS
| db: | CNVD | id: | CNVD-2010-2424 | Trust: 0.6 |
REFERENCES
| url: | http://archives.neohapsis.com/archives/fulldisclosure/2010-10/0198.htmlhttp | Trust: 0.6 |
SOURCES
| db: | CNVD | id: | CNVD-2010-2424 |
LAST UPDATE DATE
2022-05-04T09:30:48.186000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2010-2424 | date: | 2010-10-21T00:00:00 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2010-2424 | date: | 2010-10-21T00:00:00 |