The password-recovery feature on NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier allows remote attackers to discover the cleartext administrator password by reading the cgi-bin/passrec.asp HTML source code.
CPE | Name | Operator | Version |
---|---|---|---|
d3600_firmware | eq | 1.0.0.49 | |
d6000_firmware | le | 1.0.0.49 |