Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.809775 |
Kategorie: | Web application abuses |
Titel: | NETGEAR WNR2000 Router Multiple Vulnerabilities |
Zusammenfassung: | The host is running NETGEAR WNR2000 Router; and is prone to multiple vulnerabilities. |
Beschreibung: | Summary: The host is running NETGEAR WNR2000 Router and is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - The device leaks its serial number while requesting for 'BRS_netgear_success.html'. - Improper access control while sending request to 'apply_noauth.cgi'. - Timestamps used in application can be easily calculated and generated outside. - Improper handling of access to *.cgi files by HTTP server in the device (uhttpd). Vulnerability Impact: Successful exploitation will allow remote attackers to gain access to potentially sensitive information, reboot router, factory reset the router, change WLAN settings, change password recovery settings, obtain the admin password once recovery settings are changed, execute code and conduct denial of service attack. Affected Software/OS: NETGEAR WNR2000 routers Solution: NETGEAR has released beta firmware for the affected routers, which can be obtained from the referenced vendor KB entry. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-10175 Common Vulnerability Exposure (CVE) ID: CVE-2016-10176 Common Vulnerability Exposure (CVE) ID: CVE-2016-10174 |
Copyright | Copyright (C) 2016 Greenbone Networks GmbH |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |