PT-2011-3285 · NetGear · Netgear Prosafe Wnap210

Trevor Seward

Publicado

2011-04-10

Atualizado

2017-08-17

CVE-2011-1674

CVSS v2.0

6.8

Média

Vetor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions NetGear ProSafe WNAP210 version 2.0.12

Description The issue allows remote attackers to bypass authentication and obtain access to the configuration page. This can be achieved by visiting the "recreate.php" endpoint and then accessing the "index.php" endpoint.

Recommendations For NetGear ProSafe WNAP210 version 2.0.12, consider restricting access to the "recreate.php" and "index.php" endpoints until a patch is available. As a temporary workaround, limit the exposure of the device to the internet and only allow trusted sources to access the configuration page.

Correção

Improper Authentication

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-287

Identificadores relacionados

CVE-2011-1674

Produtos afetados

Netgear Prosafe Wnap210

PT-2011-3285 · NetGear · Netgear Prosafe Wnap210

CVE-2011-1674

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5