CVE-2016-5649

Public Exploit

Netgear DGN2200 and DGND3700 disclose the administrator password

Description

A vulnerability is in the 'BSW_cxttongr.htm' page of the Netgear DGN2200, version DGN2200-V1.0.0.50_7.0.50, and DGND3700, version DGND3700-V1.0.0.17_1.0.17, which can allow a remote attacker to access this page without any authentication. When processed, it exposes the admin password in clear text before it gets redirected to absw_vfysucc.cgia. An attacker can use this password to gain administrator access to the targeted router's web interface.

Remediation

Solution:

Netgear has released firmware version 1.0.0.52 for DGN2200 & 1.0.0.28 for DGND3700 to address this issue.

References

Link	Tags
https://packetstormsecurity.com/files/140342/Netgear-DGN2200-DGND3700-WNDR4500-Information-Disclosure.html	third party advisory vdb entry
http://packetstormsecurity.com/files/152675/Netgear-DGN2200-DGND3700-Admin-Password-Disclosure.html	third party advisory vdb entry exploit

Frequently Asked Questions

What is the severity of CVE-2016-5649?: CVE-2016-5649 has been scored as a critical severity vulnerability.
How to fix CVE-2016-5649?: To fix CVE-2016-5649: Netgear has released firmware version 1.0.0.52 for DGN2200 & 1.0.0.28 for DGND3700 to address this issue.
Is CVE-2016-5649 being actively exploited in the wild?: It is possible that CVE-2016-5649 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~77% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2016-5649?: CVE-2016-5649 affects Netgear DGN2200, Netgear DGND3700.

Description

Remediation

Categories

CWE-319 – Cleartext Transmission of Sensitive Information

CWE-200 – Exposure of Sensitive Information to an Unauthorized Actor

References

Frequently Asked Questions