cnvd - cnvd-2018-13982

CNVD-2018-13982

Vulnerability from cnvd - Published: 2018-07-26

Title

Netgear WNDR4500信息泄露漏洞

Description

Netgear WNDR4500是美国网件（NetGear）公司的一款无线路由器产品。使用1.0.1.40_1.0.6877版本固件的Netgear WNDR4500中存在信息泄露漏洞。远程攻击者可利用该漏洞未经认证访问genie_ping.htm、genie_ping2.htm或genie_ping3.htm页面，获取敏感信息，例如明文形式的网络密钥（密码）和2.4GHz & 5GHz无线网络名称（SSID）。

Severity

中

Patch Name

Netgear WNDR4500信息泄露漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，详情请关注厂商主页： https://www.netgear.com/

Reference

https://packetstormsecurity.com/files/140342/Netgear-DGN2200-DGND3700-WNDR4500-Information-Disclosure.html

Impacted products

Name
NetGear WNDR4500 1.0.1.40_1.0.6877

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-5638"
    }
  },
  "description": "Netgear WNDR4500\u662f\u7f8e\u56fd\u7f51\u4ef6\uff08NetGear\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u65e0\u7ebf\u8def\u7531\u5668\u4ea7\u54c1\u3002\r\n\r\n\u4f7f\u75281.0.1.40_1.0.6877\u7248\u672c\u56fa\u4ef6\u7684Netgear WNDR4500\u4e2d\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u672a\u7ecf\u8ba4\u8bc1\u8bbf\u95eegenie_ping.htm\u3001genie_ping2.htm\u6216genie_ping3.htm\u9875\u9762\uff0c\u83b7\u53d6\u654f\u611f\u4fe1\u606f\uff0c\u4f8b\u5982\u660e\u6587\u5f62\u5f0f\u7684\u7f51\u7edc\u5bc6\u94a5\uff08\u5bc6\u7801\uff09\u548c2.4GHz \u0026 5GHz\u65e0\u7ebf\u7f51\u7edc\u540d\u79f0\uff08SSID\uff09\u3002",
  "discovererName": "Mandar Jadhav",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttps://www.netgear.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-13982",
  "openTime": "2018-07-26",
  "patchDescription": "Netgear WNDR4500\u662f\u7f8e\u56fd\u7f51\u4ef6\uff08NetGear\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u65e0\u7ebf\u8def\u7531\u5668\u4ea7\u54c1\u3002\r\n\r\n\u4f7f\u75281.0.1.40_1.0.6877\u7248\u672c\u56fa\u4ef6\u7684Netgear WNDR4500\u4e2d\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u672a\u7ecf\u8ba4\u8bc1\u8bbf\u95eegenie_ping.htm\u3001genie_ping2.htm\u6216genie_ping3.htm\u9875\u9762\uff0c\u83b7\u53d6\u654f\u611f\u4fe1\u606f\uff0c\u4f8b\u5982\u660e\u6587\u5f62\u5f0f\u7684\u7f51\u7edc\u5bc6\u94a5\uff08\u5bc6\u7801\uff09\u548c2.4GHz \u0026 5GHz\u65e0\u7ebf\u7f51\u7edc\u540d\u79f0\uff08SSID\uff09\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Netgear WNDR4500\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "NetGear WNDR4500 1.0.1.40_1.0.6877"
  },
  "referenceLink": "https://packetstormsecurity.com/files/140342/Netgear-DGN2200-DGND3700-WNDR4500-Information-Disclosure.html",
  "serverity": "\u4e2d",
  "submitTime": "2018-07-26",
  "title": "Netgear WNDR4500\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e"
}

CVE-2016-5638 (GCVE-0-2016-5638)

Vulnerability from cvelistv5 – Published: 2018-07-24 15:00 – Updated: 2024-08-06 01:07

Summary

There are few web pages associated with the genie app on the Netgear WNDR4500 running firmware version V1.0.1.40_1.0.6877. Genie app adds some capabilities over the Web GUI and can be accessed even when you are away from home. A remote attacker can access genie_ping.htm or genie_ping2.htm or genie_ping3.htm page without authentication. Once accessed, the page will be redirected to the aCongratulations2.htma page, which reveals some sensitive information such as 2.4GHz & 5GHz Wireless Network Name (SSID) and Network Key (Password) in clear text.

Severity ?

No CVSS data available.

CWE

CWE-319

Assigner

certcc

References

URL

Tags

https://packetstormsecurity.com/files/140342/Netg…

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Netgear	WNDR4500	Affected: V1.0.1.40_1.0.6877

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:07:59.943Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://packetstormsecurity.com/files/140342/Netgear-DGN2200-DGND3700-WNDR4500-Information-Disclosure.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "WNDR4500",
          "vendor": "Netgear",
          "versions": [
            {
              "status": "affected",
              "version": "V1.0.1.40_1.0.6877"
            }
          ]
        }
      ],
      "datePublic": "2017-01-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "There are few web pages associated with the genie app on the Netgear WNDR4500 running firmware version V1.0.1.40_1.0.6877. Genie app adds some capabilities over the Web GUI and can be accessed even when you are away from home. A remote attacker can access genie_ping.htm or genie_ping2.htm or genie_ping3.htm page without authentication. Once accessed, the page will be redirected to the aCongratulations2.htma page, which reveals some sensitive information such as 2.4GHz \u0026 5GHz Wireless Network Name (SSID) and Network Key (Password) in clear text."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-319",
              "description": "CWE-319",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-07-24T14:57:01",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://packetstormsecurity.com/files/140342/Netgear-DGN2200-DGND3700-WNDR4500-Information-Disclosure.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Netgear has released firmware version 1.0.0.52 for DGN2200 \u0026 1.0.0.28 for DGND3700 to address this issue."
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Netgear WNDR4500 running firmware version V1.0.1.40_1.0.6877 reveals some sensitive information such as 2.4GHz \u0026 5GHz Wireless Network Name (SSID) and Network Key (Password) in clear text",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2016-5638",
          "STATE": "PUBLIC",
          "TITLE": "Netgear WNDR4500 running firmware version V1.0.1.40_1.0.6877 reveals some sensitive information such as 2.4GHz \u0026 5GHz Wireless Network Name (SSID) and Network Key (Password) in clear text"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "WNDR4500",
                      "version": {
                        "version_data": [
                          {
                            "affected": "=",
                            "version_affected": "=",
                            "version_name": "V1.0.1.40_1.0.6877",
                            "version_value": "V1.0.1.40_1.0.6877"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Netgear"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "There are few web pages associated with the genie app on the Netgear WNDR4500 running firmware version V1.0.1.40_1.0.6877. Genie app adds some capabilities over the Web GUI and can be accessed even when you are away from home. A remote attacker can access genie_ping.htm or genie_ping2.htm or genie_ping3.htm page without authentication. Once accessed, the page will be redirected to the aCongratulations2.htma page, which reveals some sensitive information such as 2.4GHz \u0026 5GHz Wireless Network Name (SSID) and Network Key (Password) in clear text."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-319"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://packetstormsecurity.com/files/140342/Netgear-DGN2200-DGND3700-WNDR4500-Information-Disclosure.html",
              "refsource": "MISC",
              "url": "https://packetstormsecurity.com/files/140342/Netgear-DGN2200-DGND3700-WNDR4500-Information-Disclosure.html"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "Netgear has released firmware version 1.0.0.52 for DGN2200 \u0026 1.0.0.28 for DGND3700 to address this issue."
          }
        ],
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2016-5638",
    "datePublished": "2018-07-24T15:00:00",
    "dateReserved": "2016-06-16T00:00:00",
    "dateUpdated": "2024-08-06T01:07:59.943Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2018-13982

CVE-2016-5638 (GCVE-0-2016-5638)

Tags

Sightings

Nomenclature