var-201606-0554
Vulnerability from variot
Netgear is the world's leading enterprise network solution and advocate for digital home networking applications. There are web interface login password leaks in Netgear's various devices. When password recovery is disabled, an attacker who can access the internal network or remotely manage the router interface can exploit the vulnerability to obtain the management interface login password.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201606-0554",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r8500 v1.0.2.58 1.0.58",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "r8000 v1.0.3.4 1.1.2",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "r7900 v1.0.1.4 10.0.12",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "r7300 v1.0.0.36 1.0.8",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "r7000 v1.0.5.62 1.1.87",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "r6900 v1.0.0.4 1.0.10",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "r6700 v1.0.0.26 10.0.26",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "r6400 v1.0.1.6 1.0.4",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "r6300v2 v1.0.4.2 10.0.74",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "ac1450 v1.0.0.34 10.0.16",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "r6300 v1.0.2.78 1.0.58",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "r6250 v1.0.4.2 10.1.10",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "r6200v2 v1.0.3.8 10.1.6",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "r6200 v1.0.1.56 1.0.43",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "wndr4500v2 v1.0.0.60 1.0.38",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "wndr4500 v1.0.1.44 1.0.73",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "wndr4000 v1.0.2.4 9.1.86",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "wndr3700v3 v1.0.0.40 1.0.32",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "wndr3400v3 v1.0.1.4 1.0.52",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "wndr3400v2 v1.0.0.48 1.0.75",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "wnr3500lv2 v1.2.0.34 40.0.75",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "wnr1000v3 v1.0.2.68 60.0.93",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "c6300",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v2.01.14"
},
{
"model": "d6300",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v1.0.0.96"
},
{
"model": "d6300b",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v1.0.0.40"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v1.0.0.44"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v1.0.0.12"
},
{
"model": "dgn2200v4",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v1.0.0.66"
},
{
"model": "dgn2200bv4",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v1.0.0.68"
},
{
"model": "vegn2610",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v1.0.0.36"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v6510v1.0.0.20"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-04399"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-04399",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2016-04399",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-04399"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear is the world\u0027s leading enterprise network solution and advocate for digital home networking applications. There are web interface login password leaks in Netgear\u0027s various devices. When password recovery is disabled, an attacker who can access the internal network or remotely manage the router interface can exploit the vulnerability to obtain the management interface login password.",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-04399"
}
],
"trust": 0.6
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-04399",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-04399"
}
]
},
"id": "VAR-201606-0554",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-04399"
}
],
"trust": 1.2337010255555554
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-04399"
}
]
},
"last_update_date": "2022-05-04T09:39:47.379000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://kb.netgear.com/app/answers/detail/a_id/30632/~/web-gui-password-recovery-and-exposure-security-vulnerability"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-04399"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-04399"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-06-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-04399"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-07-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-04399"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear Device Web Interface Login Password Disclosure Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-04399"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.