2 matches found
CVE-2019-20489
An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. The web management interface setup.cgi has an authentication bypass and other problems that ultimately allow an attacker to remotely compromise the device from a malicious webpage. The attacker sends an FWremote.htm&todo=cfginit reque...
CVE-2019-20489
CVE-2019-20489 : NETGEAR WNR1000V4 (firmware 1.1.0.54) exposes an authentication bypass in the web management interface (setup.cgi) that can enable remote compromise from a malicious webpage. The exploited flow involves sending FW_remote.htm&todo=cfg_init without a cookie, inspecting the 401 resp...