CVE-2015-8289
Netgear D3600/D6000 routers with firmware up to 1.0.0.49 disclose the administrator password via the password-recovery page. The vulnerability (CVE-2015-8289) lets remote attackers read the cleartext password by inspecting the /cgi-bin/passrec.asp page’s source. Affected devices include D3600 and...