ID

VAR-201104-0210


CVE

CVE-2011-1673


TITLE

NetGear ProSafe WNAP210 Information Disclosure Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2011-6460 // CNNVD: CNNVD-201104-072

DESCRIPTION

BackupConfig.php on the NetGear ProSafe WNAP210 allows remote attackers to obtain the administrator password by reading the configuration file. The Netgear ProSafe Wireless Access Point (WNAP210) has multiple vulnerabilities; two have been reported in the device. An attacker with network access to the device can browse to the web page http://NetGearDeviceIP/BackupConfig.php, which prompts the attacker to download the device configuration without any login authentication. Access to the BackupConfig.php script is not properly restricted, so it can be used to download the backup configuration file, which leaks the administrator password. WNAP210 firmware 2.0.12 is vulnerable; other versions may also be affected.

TITLE: NetGear WNAP210 Backup Disclosure and Authentication Bypass Vulnerabilities

SECUNIA ADVISORY ID: SA44045

VERIFY ADVISORY: http://secunia.com/advisories/44045/

RELEASE DATE: 2011-04-06

DESCRIPTION: Two vulnerabilities have been reported in Netgear ProSafe Wireless-N Access Point WNAP210, which can be exploited by malicious people to disclose sensitive information and bypass certain security restrictions.

SOLUTION: Update to the latest firmware. Please contact the vendor for more details.

PROVIDED AND/OR DISCOVERED BY: Trevor Seward via US-CERT.

ORIGINAL ADVISORY: US-CERT VU#644812: http://www.kb.cert.org/vuls/id/644812

Trust: 5.22

sources: NVD: CVE-2011-1673 // CERT/CC: VU#644812 // JVNDB: JVNDB-2011-004479 // JVNDB: JVNDB-2011-001453 // CNVD: CNVD-2011-1327 // CNVD: CNVD-2011-6460 // CNVD: CNVD-2011-1328 // BID: 47175 // VULHUB: VHN-49618 // VULMON: CVE-2011-1673 // PACKETSTORM: 100135

IOT TAXONOMY

category: ['Network device'], sub_category: -

Trust: 1.2

sources: CNVD: CNVD-2011-1327 // CNVD: CNVD-2011-1328

AFFECTED PRODUCTS

vendor: netgear, model: prosafe wnap210, scope: eq, version: 2.0.12

Trust: 1.6

vendor: netgear, model: wnap210, scope: eq, version: 2.0.12

Trust: 1.5

vendor: netgear, model: prosafe wnap210, scope: eq, version: *

Trust: 1.0

vendor: netgear, model: -, scope: -, version: -

Trust: 0.8

vendor: net gear, model: wnap210, scope: -, version: -

Trust: 0.8

vendor: net gear, model: wnap210, scope: eq, version: firmware version 2.0.12

Trust: 0.8

vendor: netgear, model: prosafe wnap210, scope: -, version: -

Trust: 0.6

sources: CERT/CC: VU#644812 // CNVD: CNVD-2011-1327 // CNVD: CNVD-2011-6460 // CNVD: CNVD-2011-1328 // BID: 47175 // JVNDB: JVNDB-2011-004479 // JVNDB: JVNDB-2011-001453 // CNNVD: CNNVD-201104-072 // NVD: CVE-2011-1673

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2011-1673
value: MEDIUM

Trust: 1.0

CARNEGIE MELLON: VU#644812
value: 5.10

Trust: 0.8

NVD: CVE-2011-1673
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2011-6460
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201104-072
value: MEDIUM

Trust: 0.6

VULHUB: VHN-49618
value: MEDIUM

Trust: 0.1

VULMON: CVE-2011-1673
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2011-1673
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2011-6460
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-49618
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#644812 // CNVD: CNVD-2011-6460 // VULHUB: VHN-49618 // VULMON: CVE-2011-1673 // JVNDB: JVNDB-2011-004479 // CNNVD: CNNVD-201104-072 // NVD: CVE-2011-1673

PROBLEMTYPE DATA

problemtype:CWE-310

Trust: 1.9

sources: VULHUB: VHN-49618 // JVNDB: JVNDB-2011-004479 // NVD: CVE-2011-1673

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201104-072

TYPE

encryption problem

Trust: 0.6

sources: CNNVD: CNNVD-201104-072

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-004479

PATCH

title: WNAP210, url: http://www.netgear.com/business/products/access-points-wireless-controllers/access-points/wnap210.aspx

Trust: 0.8

sources: JVNDB: JVNDB-2011-004479

EXTERNAL IDS

db: CERT/CC, id: VU#644812

Trust: 5.2

db: NVD, id: CVE-2011-1673

Trust: 3.2

db: BID, id: 47175

Trust: 1.5

db: SECUNIA, id: 44045

Trust: 1.4

db: VUPEN, id: ADV-2011-0884

Trust: 1.2

db: JVNDB, id: JVNDB-2011-004479

Trust: 0.8

db: JVNDB, id: JVNDB-2011-001453

Trust: 0.8

db: CNNVD, id: CNNVD-201104-072

Trust: 0.7

db: CNVD, id: CNVD-2011-1327

Trust: 0.6

db: CNVD, id: CNVD-2011-6460

Trust: 0.6

db: CNVD, id: CNVD-2011-1328

Trust: 0.6

db: VULHUB, id: VHN-49618

Trust: 0.1

db: VULMON, id: CVE-2011-1673

Trust: 0.1

db: PACKETSTORM, id: 100135

Trust: 0.1

sources: CERT/CC: VU#644812 // CNVD: CNVD-2011-1327 // CNVD: CNVD-2011-6460 // CNVD: CNVD-2011-1328 // VULHUB: VHN-49618 // VULMON: CVE-2011-1673 // BID: 47175 // JVNDB: JVNDB-2011-004479 // JVNDB: JVNDB-2011-001453 // PACKETSTORM: 100135 // CNNVD: CNNVD-201104-072 // NVD: CVE-2011-1673

REFERENCES

url:http://www.kb.cert.org/vuls/id/644812

Trust: 3.8

url:http://support.netgear.com/app/answers/detail/a_id/19381

Trust: 1.6

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-1673

Trust: 1.4

url:http://secunia.com/advisories/44045

Trust: 1.2

url:http://www.vupen.com/english/advisories/2011/0884

Trust: 1.2

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/66817

Trust: 1.2

url:http://www.netgear.com/products/business/access-points-wireless-controllers/access-points/wnap210.aspx

Trust: 0.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1673

Trust: 0.8

url:http://jvn.jp/cert/jvnvu644812

Trust: 0.8

url:http://www.securityfocus.com/bid/47175/info

Trust: 0.6

url:http://www.kb.cert.org/vuls/id/644812

Trust: 0.6

url:http://www.netgear.com

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/310.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:http://secunia.com/advisories/44045/#comments

Trust: 0.1

url:http://secunia.com/products/corporate/evm/

Trust: 0.1

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

Trust: 0.1

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=44045

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/personal/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/advisories/44045/

Trust: 0.1

url:http://secunia.com/resources/factsheets/2011_vendor/

Trust: 0.1

sources: CERT/CC: VU#644812 // CNVD: CNVD-2011-1327 // CNVD: CNVD-2011-6460 // CNVD: CNVD-2011-1328 // VULHUB: VHN-49618 // VULMON: CVE-2011-1673 // BID: 47175 // JVNDB: JVNDB-2011-004479 // JVNDB: JVNDB-2011-001453 // PACKETSTORM: 100135 // CNNVD: CNNVD-201104-072 // NVD: CVE-2011-1673

CREDITS

Trevor Seward

Trust: 0.3

sources: BID: 47175

SOURCES

db: CERT/CC, id: VU#644812
db: CNVD, id: CNVD-2011-1327
db: CNVD, id: CNVD-2011-6460
db: CNVD, id: CNVD-2011-1328
db: VULHUB, id: VHN-49618
db: VULMON, id: CVE-2011-1673
db: BID, id: 47175
db: JVNDB, id: JVNDB-2011-004479
db: JVNDB, id: JVNDB-2011-001453
db: PACKETSTORM, id: 100135
db: CNNVD, id: CNNVD-201104-072
db: NVD, id: CVE-2011-1673

LAST UPDATE DATE

2024-11-23T22:02:53.111000+00:00


SOURCES UPDATE DATE

db: CERT/CC, id: VU#644812, date: 2011-09-02T00:00:00
db: CNVD, id: CNVD-2011-1327, date: 2011-04-06T00:00:00
db: CNVD, id: CNVD-2011-6460, date: 2011-04-14T00:00:00
db: CNVD, id: CNVD-2011-1328, date: 2011-04-06T00:00:00
db: VULHUB, id: VHN-49618, date: 2017-08-17T00:00:00
db: VULMON, id: CVE-2011-1673, date: 2017-08-17T00:00:00
db: BID, id: 47175, date: 2011-04-05T00:00:00
db: JVNDB, id: JVNDB-2011-004479, date: 2012-03-27T00:00:00
db: JVNDB, id: JVNDB-2011-001453, date: 2011-04-28T00:00:00
db: CNNVD, id: CNNVD-201104-072, date: 2011-04-14T00:00:00
db: NVD, id: CVE-2011-1673, date: 2024-11-21T01:26:46.290

SOURCES RELEASE DATE

db: CERT/CC, id: VU#644812, date: 2011-04-05T00:00:00
db: CNVD, id: CNVD-2011-1327, date: 2011-04-06T00:00:00
db: CNVD, id: CNVD-2011-6460, date: 2011-04-14T00:00:00
db: CNVD, id: CNVD-2011-1328, date: 2011-04-06T00:00:00
db: VULHUB, id: VHN-49618, date: 2011-04-10T00:00:00
db: VULMON, id: CVE-2011-1673, date: 2011-04-10T00:00:00
db: BID, id: 47175, date: 2011-04-05T00:00:00
db: JVNDB, id: JVNDB-2011-004479, date: 2012-03-27T00:00:00
db: JVNDB, id: JVNDB-2011-001453, date: 2011-04-28T00:00:00
db: PACKETSTORM, id: 100135, date: 2011-04-06T11:55:42
db: CNNVD, id: CNNVD-201104-072, date: 2011-04-14T00:00:00
db: NVD, id: CVE-2011-1673, date: 2011-04-10T02:55:01.727