Lucene search

[email protected]CVE-2007-4361

HistoryAug 15, 2007 - 7:17 p.m.

CVE-2007-4361

2007-08-1519:17:00

[email protected]

web.nvd.nist.gov

netgear

infrant

readynas

raidiator

ssh

root password

hardware serial number

security vulnerability

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.023 Low

EPSS

Percentile

89.7%

JSON

NETGEAR (formerly Infrant) ReadyNAS RAIDiator before 4.00b2-p2-T1 beta creates a default SSH root password derived from the hardware serial number, which makes it easier for remote attackers to guess the password and obtain login access.

Affected configurations

NVD

Node

netgearreadynas_raidiatorMatch3.01c1-p1

netgearreadynas_raidiatorMatch3.01c1-p6

CPENameOperatorVersion
netgear:readynas_raidiatornetgear readynas raidiatoreq3.01c1-p1
netgear:readynas_raidiatornetgear readynas raidiatoreq3.01c1-p6

CPE	Name	Operator	Version
netgear:readynas_raidiator	netgear readynas raidiator	eq	3.01c1-p1
netgear:readynas_raidiator	netgear readynas raidiator	eq	3.01c1-p6

References

secunia.com/advisories/26442

securityreason.com/securityalert/3017

www.infrant.com/forum/viewtopic.php?t=12249

www.infrant.com/forum/viewtopic.php?t=12313

www.infrant.com/forum/viewtopic.php?t=3366&start=30

www.osvdb.org/36357

www.securityfocus.com/archive/1/476266/100/0/threaded

www.securityfocus.com/bid/25290

exchange.xforce.ibmcloud.com/vulnerabilities/36011

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.023 Low

EPSS

Percentile

89.7%

JSON

Related for CVE-2007-4361

prion1 nvd1 cvelist1