Details of VAR-201312-0602

ID

VAR-201312-0602

TITLE

Many NetGear routers have backdoor vulnerabilities

Trust: 0.6

sources: CNVD: CNVD-2013-15013

DESCRIPTION

Netgear is a well-known manufacturer of network equipment. Its router products are mainly used for enterprises and individual users. Many routers produced by NetGear have backdoors. The backdoor is the super user and password set by the manufacturer. The attacker can use the backdoor to obtain the root authority of the router in the adjacent network, and then implant the Trojan horse to completely control the user's router. Subsequent dns hijacking attacks can be launched.

Trust: 0.6

sources: CNVD: CNVD-2013-15013

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2013-15013

AFFECTED PRODUCTS

vendor:	netgear	model:	r6300	scope:	eq	version:	v2	Trust: 0.6
vendor:	netgear	model:	r6300	scope:	eq	version:	v1	Trust: 0.6
vendor:	netgear	model:	wndr3300	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	wndr3400	scope:	eq	version:	v2	Trust: 0.6
vendor:	netgear	model:	wndr3700 router	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	wndr3800	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	wndr4300	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	wndr4500	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	wnr3500l	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	wnr3500l	scope:	eq	version:	v2	Trust: 0.6

sources: CNVD: CNVD-2013-15013

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2013-15013
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2013-15013
severity:	HIGH
baseScore:	8.3
vectorString:	AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.5
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2013-15013

PATCH

title:

Patch for Many NetGear routers have backdoor vulnerabilities

url:

https://www.cnvd.org.cn/patchinfo/show/44671

Trust: 0.6

sources: CNVD: CNVD-2013-15013

EXTERNAL IDS

db:

CNVD

id:

CNVD-2013-15013

Trust: 0.6

sources: CNVD: CNVD-2013-15013

SOURCES

db:

CNVD

id:

CNVD-2013-15013

LAST UPDATE DATE

2022-05-04T10:16:42.620000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2013-15013

date:

2020-03-10T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2013-15013

date:

2013-12-13T00:00:00