CVSS2: 8.3 High (AV:A/AC:L/Au:N/C:C/I:C/A:C)

Metric | Value |
---|---|
Attack Vector | ADJACENT_NETWORK |
Attack Complexity | LOW |
Authentication | NONE |
Confidentiality Impact | COMPLETE |
Integrity Impact | COMPLETE |
Availability Impact | COMPLETE |

EPSS: 0.005 Low (Percentile: 76.0%)
Netgear GS105PE Prosafe Plus Switch firmware version 1.2.0.5 contains hard-coded credentials. (CWE-798)

Netgear GS105PE Prosafe Plus Switch contains hard-coded login credentials that can be used for authenticating to the web server running on the device. The username is `ntgruser` and the password is `debugpassword`. Once authenticated, the web server provides access to:

- `produce_burn.cgi`: Modify the serial number and MAC address of the product
- `register_debug.cgi`: Allow the user to manually set memory to a certain value and extract that value from it
- `bootcode_update.cgi`: Allow the user to upload new firmware.
Note: The previous version of this note incorrectly identified the Netgear GS108PE as the affected model.
A remote unauthenticated attacker may be able to log in to the device and execute arbitrary code.
The CERT/CC is currently unaware of a practical solution to this problem.
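Because the note originally named the wrong model, it is worth checking which firmware images actually carry these strings. The following is an added example, not code from CERT/CC or Netgear: it scans an already unpacked firmware image for the credential and debug-page strings listed above, and the sample bytes are constructed for illustration. It goes slightly beyond the note by also checking UTF-16LE storage, and it assumes the image is not compressed or encrypted.

```python
import re
import sys

# Strings named in the advisory above, with what each one indicates.
INDICATORS = {
    "ntgruser": "hard-coded username",
    "debugpassword": "hard-coded password",
    "produce_burn.cgi": "debug page: serial number / MAC rewrite",
    "register_debug.cgi": "debug page: memory read/write",
    "bootcode_update.cgi": "debug page: firmware upload",
}


def scan_image(blob: bytes):
    """Return sorted (offset, indicator, encoding, meaning) hits in an unpacked image."""
    hits = []
    for needle, meaning in INDICATORS.items():
        for enc in ("ascii", "utf-16-le"):  # narrow and wide string storage
            for m in re.finditer(re.escape(needle.encode(enc)), blob):
                hits.append((m.start(), needle, enc, meaning))
    return sorted(hits)


def verdict(hits):
    """Both credential strings present is the CWE-798 finding; anything less needs review."""
    found = {name for _, name, _, _ in hits}
    if {"ntgruser", "debugpassword"} <= found:
        return "hard-coded-credentials"
    return "debug-artifacts-only" if found else "clean"


# Constructed sample bytes standing in for an unpacked image (not real firmware).
SAMPLE = (b"\x7fELF\x00\x00" + b"\xff" * 10 + b"ntgruser\x00debugpassword\x00"
          + b"\x00" * 4 + b"/register_debug.cgi\x00"
          + "produce_burn.cgi".encode("utf-16-le"))

if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE
    results = scan_image(data)
    for offset, name, enc, meaning in results:
        print(f"0x{offset:08x}  {name:<20} {enc:<9} {meaning}")
    print("verdict:", verdict(results))
```

A "clean" result on a compressed or encrypted image proves nothing; unpack the image first and scan the extracted files.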
143740
Notified: May 19, 2014 Updated: May 19, 2014
Unknown
We have not received a statement from the vendor.
Group | Score | Vector |
---|---|---|
Base | 7.8 | AV:A/AC:L/Au:N/C:C/I:C/A:N |
Temporal | 6.3 | E:POC/RL:U/RC:UC |
Environmental | 1.7 | CDP:L/TD:L/CR:ND/IR:ND/AR:ND |
<http://www.netgear.com/business/products/switches/unmanaged-plus/GS105PE.aspx>
Thanks to Marc Olivier Chouinard for reporting this vulnerability.
This document was written by Chris King.
CVE IDs: | CVE-2014-2969 |
---|---|
Date Public: | 2014-07-03 |
Date First Published: | |