Lucene search
MitreCVE-2009-2257HistoryJun 30, 2009 - 10:30 a.m.
CVE-2009-2257
2009-06-3010:30:21
CWE-287
mitre
web.nvd.nist.gov
28
netgear
dg632
firmware
authentication bypass
remote attackers
vulnerability
nvd
cve-2009-2257
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
AI Score
7.3
Confidence
Low
EPSS
0.007
Percentile
80.2%
The administrative web interface on the Netgear DG632 with firmware 3.4.0_ap allows remote attackers to bypass authentication via a direct request to (1) gateway/commands/saveconfig.html, and (2) stattbl.htm, (3) modemmenu.htm, (4) onload.htm, (5) form.css, (6) utility.js, and possibly (7) indextop.htm in html/.
Affected configurations
Node
netgeardg632Match3.4.0_ap
Related
prion
prion
Authentication flaw
2009-06-30 10:30:00
cvelist
cvelist
CVE-2009-2257
2009-06-30 10:00:00
nvd
nvd
CVE-2009-2257
2009-06-30 10:30:21
exploitdb
exploitdb
Netgear DG632 Router - Authentication Bypass
2009-06-15 00:00:00
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
AI Score
7.3
Confidence
Low
EPSS
0.007
Percentile
80.2%
Related for CVE-2009-2257