VULHUB ™

It is reported that Netgear DG834G devices contain a default password for their Zebra process. Zebra is a dynamic routing daemon, and contains a telnet-accessible configuration shell. It is reported that Zebra listens on both the WAN and the internal network interfaces. By gaining administrative access to Zebra, an attacker has the ability to modify network routes on the device, possibly redirecting traffic or denying network service to legitimate users. They may also be able to exploit latent vulnerabilities in Zebra itself. Due to code reuse, it is possible that other devices similar to this one are also affected.

It is reported that Netgear DG834G devices contain a default password for their Zebra process. Zebra is a dynamic routing daemon, and contains a telnet-accessible configuration shell. It is reported that Zebra listens on both the WAN and the internal network interfaces. By gaining administrative access to Zebra, an attacker has the ability to modify network routes on the device, possibly redirecting traffic or denying network service to legitimate users. They may also be able to exploit latent vulnerabilities in Zebra itself. Due to code reuse, it is possible that other devices similar to this one are also affected.