10/31/2013
Date Patched:
No patch available.
Vendor:
Netgear
Affected Software:
WNDR4700 router
WNDR3700v4 router
Possibly other routers
1.0.1.42 firmware and prior
Description:Affected devices are vulnerable to a security bypass flaw that permits attackers to access any part of the management interface of the device. If remote administration is enabled, this can be exploited from the Internet.
Severity:
High
Code Execution:
No
Impact:
Security Bypass
This vulnerability allows an attacker to bypass certain security restrictions on the system, allowing the attacker to gain unauthorized access to the system.
Mitigation:To help mitigate WAN-based attacks, disable the administration interface for non-local network addresses.
Protection:
BeyondTrust's Retina® Network Security Scanner scans devices to detect for this vulnerability.
- 31286 - Netgear WNDR3700 Bypass (20131031) (Zero-Day)
- 31234 - Multiple Router Vendor ping6 Command Injection (Zero-Day) - Remote
Status:
2013-10-31: Original Disclosure
Không có nhận xét nào:
Đăng nhận xét