CVE-2016-10175

Name of the Vulnerable Software and Affected Versions NETGEAR WNR2000v5 router

Description The issue allows the leakage of the router's serial number when a request is made to the "/BRS netgear success.html" API endpoint. This serial number can be used in combination with another vulnerability to reset the answers to password-recovery questions, ultimately allowing access to the administrator username and password.

Recommendations For the NETGEAR WNR2000v5 router, consider restricting access to the "/BRS netgear success.html" API endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.