Sign-up

ID

VAR-200603-0529


CVE

CVE-2006-1003


TITLE

Netgear WGT624 Wireless Firewall Router Information Disclosure Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200603-048

DESCRIPTION

The backup configuration option in NETGEAR WGT624 Wireless Firewall Router stores sensitive information in cleartext, which allows remote attackers to obtain passwords and gain privileges. A vulnerability has been reported in NetGear WGT624 Wireless Firewall Routers. When configured to back up configuration settings, the device will store various information in cleartext. Accessing this file could allow an attacker to obtain sensitive information that could aid in compromising the device's web administration interface. Note that the backup option is not enabled by default, but is a common feature used by administrators

Trust: 1.26

sources: NVD: CVE-2006-1003 // BID: 16837 // VULHUB: VHN-17111

AFFECTED PRODUCTS

vendor:netgearmodel:wgt624scope:eqversion:*

Trust: 1.0

vendor:netgearmodel:wgt624scope: - version: -

Trust: 0.6

vendor:netgearmodel:wgt624scope:eqversion:0

Trust: 0.3

sources: BID: 16837 // CNNVD: CNNVD-200603-048 // NVD: CVE-2006-1003

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2006-1003
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-200603-048
value: MEDIUM

Trust: 0.6

VULHUB: VHN-17111
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2006-1003
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-17111
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-17111 // CNNVD: CNNVD-200603-048 // NVD: CVE-2006-1003

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-1003

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200603-048

TYPE

Design Error

Trust: 0.9

sources: BID: 16837 // CNNVD: CNNVD-200603-048

EXTERNAL IDS

db:BIDid:16837

Trust: 2.0

db:NVDid:CVE-2006-1003

Trust: 1.7

db:CNNVDid:CNNVD-200603-048

Trust: 0.7

db:XFid:624

Trust: 0.6

db:XFid:24927

Trust: 0.6

db:BUGTRAQid:20060227 NETGEAR WGT624 ? WIRELESS DSL FIREWALL/ROUTER VULNERABILITY

Trust: 0.6

db:VULHUBid:VHN-17111

Trust: 0.1

sources: VULHUB: VHN-17111 // BID: 16837 // CNNVD: CNNVD-200603-048 // NVD: CVE-2006-1003

REFERENCES

url:http://www.securityfocus.com/bid/16837

Trust: 1.7

url:http://www.securityfocus.com/archive/1/426185

Trust: 1.7

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/24927

Trust: 1.1

url:http://xforce.iss.net/xforce/xfdb/24927

Trust: 0.6

url:http://kbserver.netgear.com/products/wgt624.asp

Trust: 0.3

url:/archive/1/426185

Trust: 0.3

sources: VULHUB: VHN-17111 // BID: 16837 // CNNVD: CNNVD-200603-048 // NVD: CVE-2006-1003

CREDITS

Discovery credited to <info@teamintel.com>.

Trust: 0.9

sources: BID: 16837 // CNNVD: CNNVD-200603-048

SOURCES

db:VULHUBid:VHN-17111
db:BIDid:16837
db:CNNVDid:CNNVD-200603-048
db:NVDid:CVE-2006-1003

LAST UPDATE DATE

2024-08-14T13:39:51.825000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-17111date:2017-07-20T00:00:00
db:BIDid:16837date:2006-03-01T05:16:00
db:CNNVDid:CNNVD-200603-048date:2006-03-07T00:00:00
db:NVDid:CVE-2006-1003date:2017-07-20T01:30:14.317

SOURCES RELEASE DATE

db:VULHUBid:VHN-17111date:2006-03-06T00:00:00
db:BIDid:16837date:2006-02-27T00:00:00
db:CNNVDid:CNNVD-200603-048date:2006-03-06T00:00:00
db:NVDid:CVE-2006-1003date:2006-03-06T20:06:00