Lucene search
CertccCVELIST:CVE-2016-5649HistoryJul 24, 2018 - 3:00 p.m.
CVE-2016-5649 Netgear DGN2200 and DGND3700 disclose the administrator password
2018-07-2415:00:00
CWE-319
certcc
www.cve.org
A vulnerability is in the ‘BSW_cxttongr.htm’ page of the Netgear DGN2200, version DGN2200-V1.0.0.50_7.0.50, and DGND3700, version DGND3700-V1.0.0.17_1.0.17, which can allow a remote attacker to access this page without any authentication. When processed, it exposes the admin password in clear text before it gets redirected to absw_vfysucc.cgia. An attacker can use this password to gain administrator access to the targeted router’s web interface.
CNA Affected
[
{
"product": "DGN2200",
"vendor": "Netgear",
"versions": [
{
"status": "affected",
"version": "DGN2200-V1.0.0.50_7.0.50"
}
]
},
{
"product": "DGND3700",
"vendor": "Netgear",
"versions": [
{
"status": "affected",
"version": "DGND3700-V1.0.0.17_1.0.17"
}
]
}
]Related
nuclei
nuclei
NETGEAR DGN2200 / DGND3700 - Admin Password Disclosure
2021-07-06 14:25:39
nvd
nvd
CVE-2016-5649
2018-07-24 15:29:00
openvas
openvas
Netgear DGN2000, DGND3700 Password Disclosure Vulnerability
2017-01-06 00:00:00
Netgear DGN2200 / DGND3700 Admin Password Disclosure
2018-07-25 00:00:00
exploitdb
exploitdb
Netgear DGN2200 / DGND3700 - Admin Password Disclosure
2019-04-30 00:00:00
exploitpack
exploitpack
Netgear DGN2200 DGND3700 - Admin Password Disclosure
2019-04-30 00:00:00
prion
prion
Authentication flaw
2018-07-24 15:29:00
packetstorm
packetstorm
Netgear DGN2200 / DGND3700 Admin Password Disclosure
2019-04-30 00:00:00
zdt
zdt
Netgear DGN2200 / DGND3700 - Admin Password Disclosure Vulnerability
2019-05-01 00:00:00
Netgear DGN2200 / DGND3700 / WNDR4500 Information Disclosure Vulnerability
2017-01-04 00:00:00
cve
cve
CVE-2016-5649
2018-07-24 15:29:00