The Voo branded NETGEAR CG3700b custom firmware V2.02.03 allows CSRF against all /goform/ URIs. An attacker can modify all settings including WEP/WPA/WPA2 keys, restore the router to factory settings, or even upload an entire malicious configuration file.
CPE | Name | Operator | Version |
---|---|---|---|
cg3700b_firmware | eq | 2.02.03 |