CVE-2009-2257

Name of the Vulnerable Software and Affected Versions Netgear DG632 version 3.4.0 ap

Description The issue allows remote attackers to bypass authentication on the administrative web interface. This can be achieved by making a direct request to several endpoints, including "gateway/commands/saveconfig.html", "stattbl.htm", "modemmenu.htm", "onload.htm", "form.css", "utility.js", and possibly "indextop.htm" in the html/ directory.

Recommendations For Netgear DG632 version 3.4.0 ap, as a temporary workaround, consider restricting access to the mentioned endpoints to minimize the risk of exploitation. Avoid using the administrative web interface until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.