Netgear ProSafe Wireless-N 8-port Gigabit VPN Firewall FVS318N router's remote management feature is enabled by default.
Netgear ProSafe Wireless-N 8-port Gigabit VPN Firewall FVS318N router allows remote (WAN) internet users access to the administrator web interface of the device by default.
A remote unauthenticated attacker may be able to access the administrator web interface of the device.
We are currently unaware of a practical solution to this problem.
Disable the remote management feature
We recommend users disable the remote management feature inside the administrator web interface of the device.
Vendor| Status| Date Notified| Date Updated
Netgear, Inc.| | 16 Jan 2012| 16 Jan 2012
If you are a vendor and your product is affected, let us know.
Group | Score | Vector
Base | 7.5 | AV:N/AC:L/Au:N/C:P/I:P/A:P
Temporal | 6.1 | E:F/RL:W/RC:UC
Environmental | 1.6 | CDP:L/TD:L/CR:ND/IR:ND/AR:ND
Thanks to David Barker of Electrosonics, Inc. for reporting this vulnerability.
This document was written by Michael Orlando.