Trevor Seward

**Name of the Vulnerable Software and Affected Versions** NetGear ProSafe WNAP210 (affected versions not specified) **Description** The issue allows remote attackers to obtain the administrator password by reading the configuration file `BackupConfig.php`. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** NetGear ProSafe WNAP210 version 2.0.12 **Description** The issue allows remote attackers to bypass authentication and obtain access to the configuration page. This can be achieved by visiting the "recreate.php" endpoint and then accessing the "index.php" endpoint. **Recommendations** For NetGear ProSafe WNAP210 version 2.0.12, consider restricting access to the "recreate.php" and "index.php" endpoints until a patch is available. As a temporary workaround, limit the exposure of the device to the internet and only allow trusted sources to access the configuration page.