ID
VAR-201302-0535
TITLE
NetGear DGN1000B Wireless Router Multiple Security Vulnerabilities
Trust: 0.9
DESCRIPTION
The NetGear DGN1000B is a wireless router device. The NetGear DGN1000B has multiple security vulnerabilities, including OS command injection in the UPNP configuration, insecure encrypted storage, and cross-site scripting vulnerabilities, allowing attackers to exploit vulnerabilities to obtain sensitive information and control application devices. A command-injection vulnerability 2. An information-disclosure vulnerability 3. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks
Trust: 0.81
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | netgear | model: | dgn1000b | scope: | eq | version: | 1.1.00.45 | Trust: 0.6 |
| vendor: | netgear | model: | dgn1000b | scope: | eq | version: | 1.1.00.24 | Trust: 0.6 |
THREAT TYPE
remote
Trust: 0.6
TYPE
Input Validation Error
Trust: 0.3
EXTERNAL IDS
| db: | BID | id: | 57836 | Trust: 1.5 |
| db: | CNVD | id: | CNVD-2013-01020 | Trust: 0.6 |
| db: | CNNVD | id: | CNNVD-201302-281 | Trust: 0.6 |
REFERENCES
| url: | http://www.s3cur1ty.de/node/660 | Trust: 0.6 |
| url: | http://www.securityfocus.com/bid/57836 | Trust: 0.6 |
CREDITS
Michael Messner
Trust: 0.9
SOURCES
| db: | CNVD | id: | CNVD-2013-01020 |
| db: | BID | id: | 57836 |
| db: | CNNVD | id: | CNNVD-201302-281 |
LAST UPDATE DATE
2022-05-17T02:07:15.539000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2013-01020 | date: | 2013-02-19T00:00:00 |
| db: | BID | id: | 57836 | date: | 2013-04-04T08:17:00 |
| db: | CNNVD | id: | CNNVD-201302-281 | date: | 2013-02-21T00:00:00 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2013-01020 | date: | 2013-02-19T00:00:00 |
| db: | BID | id: | 57836 | date: | 2013-02-06T00:00:00 |
| db: | CNNVD | id: | CNNVD-201302-281 | date: | 2013-02-21T00:00:00 |