CVE-2016-5649 Scanner
Detects 'Admin Credential Disclosure' vulnerability in Netgear DGN2200 and DGND3700 affects v. DGN2200-1.0.0.50_7.0.50 and DGND3700-1.0.0.17_1.0.17.
Short Info
Level
Critical
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
1 month
Scan only one
Domain, IPv4, Subdomain
Toolbox
-
The Netgear DGN2200 and DGND3700 are popular home routers used for connecting multiple devices to the internet. These products are designed to provide a fast and reliable internet connection to households and small businesses. They are easy to install, configure, and use, making them a go-to choice for many users.
However, recent security research has discovered a serious vulnerability in these routers, designated CVE-2016-5649. This vulnerability allows a remote attacker to gain access to the 'BSW_cxttongr.htm' page without any authentication, which exposes the admin password in clear text before redirecting to the absw_vfysucc.cgia page. An attacker can easily use the compromised password to gain full access to the targeted router and its web interface.
The implications of this vulnerability are significant. An attacker who gains unauthorized access to the router can easily steal sensitive data, such as login credentials, personal information, and financial data. Additionally, they can use the router to launch attacks on other devices on the network or use it as a stepping stone to other systems on the internet.
In conclusion, it is essential to stay informed about the security of our digital assets, including our home routers. Thanks to the pro features of the s4e.io platform, users can easily and quickly learn about vulnerabilities in their digital assets. By taking the necessary precautions, we can keep our networks and devices secure and protect ourselves from malicious attacks.
REFERENCES
