ID

VAR-201807-0040


CVE

CVE-2016-5649


TITLE

Netgear DGN2200 and DGND3700 Vulnerable to information disclosure

Trust: 0.8

sources: JVNDB: JVNDB-2016-009214

DESCRIPTION

A vulnerability exists in the 'BSW_cxttongr.htm' page of the Netgear DGN2200, version DGN2200-V1.0.0.50_7.0.50, and DGND3700, version DGND3700-V1.0.0.17_1.0.17, which can allow a remote attacker to access this page without any authentication. When processed, it exposes the admin password in clear text before it gets redirected to 'bsw_vfysucc.cgi'. An attacker can use this password to gain administrator access to the targeted router's web interface. Netgear DGN2200 and DGND3700 contain an information disclosure vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). The NETGEAR DGN2200 is a wireless router product from NETGEAR.

Affected Models:
Netgear DGN2200 running firmware version DGN2200-V1.0.0.50_7.0.50
Netgear DGND3700 running firmware version DGND3700-V1.0.0.17_1.0.17

Solution: Netgear has released firmware version 1.0.0.52 for DGN2200 & 1.0.0.28 for DGND3700 to address this issue.

2. SSID & wireless key Disclosure (CVE-2016-5638)

There are a few web pages associated with the genie app. Genie app adds some capabilities over the Web GUI and can be accessed even when you are away from home. Once accessed, the page will be redirected to the 'Congratulations2.htm' page, which reveals some sensitive information such as 2.4GHz & 5GHz Wireless Network Name (SSID) and Network Key (Password) in clear text.

Affected Models:
Netgear WNDR4500 running firmware version V1.0.1.40_1.0.68

Solution: WNDR4500v1 has reached the End of Life so Netgear won't be releasing any updates for this.

## History

23.06.2016 - Initial contact to Netgear
24.06.2016 - Reported all details to Netgear
01.07.2016 - Email sent to Netgear asking for status update, no response
14.07.2016 - Email sent to Netgear asking for status update, no response
26.07.2016 - Netgear confirms findings
31.08.2016 - Email sent to Netgear asking for status update
02.09.2016 - Received reply from Netgear that they will be releasing a fix for this
23.12.2016 - Netgear informs that vulnerability has been fixed in the new version

Thanks,
Mandar

Trust: 2.43

sources: NVD: CVE-2016-5649 // JVNDB: JVNDB-2016-009214 // CNVD: CNVD-2018-17646 // VULHUB: VHN-94468 // VULMON: CVE-2016-5649 // PACKETSTORM: 140342

IOT TAXONOMY

category: ['Network device']
sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2018-17646

AFFECTED PRODUCTS

vendor: netgear
model: dgnd3700
scope: eq
version: 1.0.0.17_1.0.17

Trust: 1.6

vendor: netgear
model: dgn2200
scope: eq
version: 1.0.0.50_7.0.50

Trust: 1.6

vendor: net gear
model: dgn2200
scope: eq
version: v1.0.0.50_7.0.50

Trust: 0.8

vendor: net gear
model: dgnd3700
scope: eq
version: v1.0.0.17_1.0.17

Trust: 0.8

vendor: netgear
model: dgn2200 1.0.0.50 7.0.50
scope: -
version: -

Trust: 0.6

vendor: netgear
model: dgnd3700 1.0.0.17 1.0.17
scope: -
version: -

Trust: 0.6

sources: CNVD: CNVD-2018-17646 // JVNDB: JVNDB-2016-009214 // CNNVD: CNNVD-201807-1808 // NVD: CVE-2016-5649

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-5649
value: CRITICAL

Trust: 1.0

NVD: CVE-2016-5649
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2018-17646
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201807-1808
value: CRITICAL

Trust: 0.6

VULHUB: VHN-94468
value: MEDIUM

Trust: 0.1

VULMON: CVE-2016-5649
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-5649
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2018-17646
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-94468
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-5649
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2018-17646 // VULHUB: VHN-94468 // VULMON: CVE-2016-5649 // JVNDB: JVNDB-2016-009214 // CNNVD: CNNVD-201807-1808 // NVD: CVE-2016-5649

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

problemtype:CWE-319

Trust: 1.0

sources: VULHUB: VHN-94468 // JVNDB: JVNDB-2016-009214 // NVD: CVE-2016-5649

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201807-1808

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201807-1808

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-009214

PATCH

title: Top Page
url: https://www.netgear.com/

Trust: 0.8

title: Patch for Netgear DGN2200 Information Disclosure Vulnerability
url: https://www.cnvd.org.cn/patchInfo/show/138891

Trust: 0.6

title: Netgear DGN2200 Security vulnerabilities
url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=82592

Trust: 0.6

sources: CNVD: CNVD-2018-17646 // JVNDB: JVNDB-2016-009214 // CNNVD: CNNVD-201807-1808

EXTERNAL IDS

db: NVD, id: CVE-2016-5649

Trust: 3.3

db: PACKETSTORM, id: 140342

Trust: 3.3

db: PACKETSTORM, id: 152675

Trust: 1.8

db: JVNDB, id: JVNDB-2016-009214

Trust: 0.8

db: CNNVD, id: CNNVD-201807-1808

Trust: 0.7

db: CNVD, id: CNVD-2018-17646

Trust: 0.6

db: VULHUB, id: VHN-94468

Trust: 0.1

db: VULMON, id: CVE-2016-5649

Trust: 0.1

sources: CNVD: CNVD-2018-17646 // VULHUB: VHN-94468 // VULMON: CVE-2016-5649 // JVNDB: JVNDB-2016-009214 // PACKETSTORM: 140342 // CNNVD: CNNVD-201807-1808 // NVD: CVE-2016-5649

REFERENCES

url:https://packetstormsecurity.com/files/140342/netgear-dgn2200-dgnd3700-wndr4500-information-disclosure.html

Trust: 3.2

url:http://packetstormsecurity.com/files/152675/netgear-dgn2200-dgnd3700-admin-password-disclosure.html

Trust: 2.5

url:https://nvd.nist.gov/vuln/detail/cve-2016-5649

Trust: 0.9

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5649

Trust: 0.8

url:https://cwe.mitre.org/data/definitions/200.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-5638

Trust: 0.1

url:https://www.netgear.com/

Trust: 0.1

sources: CNVD: CNVD-2018-17646 // VULHUB: VHN-94468 // VULMON: CVE-2016-5649 // JVNDB: JVNDB-2016-009214 // PACKETSTORM: 140342 // CNNVD: CNNVD-201807-1808 // NVD: CVE-2016-5649

CREDITS

Social Engineering Neo

Trust: 0.6

sources: CNNVD: CNNVD-201807-1808

SOURCES

db: CNVD, id: CNVD-2018-17646
db: VULHUB, id: VHN-94468
db: VULMON, id: CVE-2016-5649
db: JVNDB, id: JVNDB-2016-009214
db: PACKETSTORM, id: 140342
db: CNNVD, id: CNNVD-201807-1808
db: NVD, id: CVE-2016-5649

LAST UPDATE DATE

2024-11-23T22:26:17.944000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2018-17646, date: 2018-09-06T00:00:00
db: VULHUB, id: VHN-94468, date: 2019-10-09T00:00:00
db: VULMON, id: CVE-2016-5649, date: 2019-10-09T00:00:00
db: JVNDB, id: JVNDB-2016-009214, date: 2018-10-29T00:00:00
db: CNNVD, id: CNNVD-201807-1808, date: 2019-05-14T00:00:00
db: NVD, id: CVE-2016-5649, date: 2024-11-21T02:54:45.767

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2018-17646, date: 2018-09-06T00:00:00
db: VULHUB, id: VHN-94468, date: 2018-07-24T00:00:00
db: VULMON, id: CVE-2016-5649, date: 2018-07-24T00:00:00
db: JVNDB, id: JVNDB-2016-009214, date: 2018-10-29T00:00:00
db: PACKETSTORM, id: 140342, date: 2017-01-03T10:11:11
db: CNNVD, id: CNNVD-201807-1808, date: 2018-07-25T00:00:00
db: NVD, id: CVE-2016-5649, date: 2018-07-24T15:29:00.280