VULHUB ™

Device: Netgear RP614v4 Firmware version: v1.1.2_09.01 Firmware release date: November 2009 HTTP service: Boa HTTPd 0.93.15 Exploit release date: Wednesday March 24, 2010 Default router credentials: username: admin password: password Scope: Local/Remote Vulnerability: The Netgear RP614v4 is susceptible to an end user making a request for the netgear.cfg file which is located at: http://[RouterIP]/vgn/jsp/netgear.cfg This file, is a plain text ASCII file that contains the router’s password at line 216, which looks similar to this: http_passwd=myvulnerablepassword You don’t have to authenticate to obtain this file at all. The qualm with this exploit is that, it works in the LAN that the router is on, or even remotely over a WAN, that is if the remote administration option is enabled and the default port for this is 8080.

Device: Netgear RP614v4 Firmware version: v1.1.2_09.01 Firmware release date: November 2009 HTTP service: Boa HTTPd 0.93.15 Exploit release date: Wednesday March 24, 2010 Default router credentials: username: admin password: password Scope: Local/Remote Vulnerability: The Netgear RP614v4 is susceptible to an end user making a request for the netgear.cfg file which is located at: http://[RouterIP]/vgn/jsp/netgear.cfg This file, is a plain text ASCII file that contains the router’s password at line 216, which looks similar to this: http_passwd=myvulnerablepassword You don’t have to authenticate to obtain this file at all. The qualm with this exploit is that, it works in the LAN that the router is on, or even remotely over a WAN, that is if the remote administration option is enabled and the default port for this is 8080.