This is a record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities. Necessarily indicate when this vulnerability wasĭiscovered, shared with the affected vendor, publicly The CVE ID was allocated or reserved, and does not The list is not intended to be complete.ĭisclaimer: The record creation date may reflect when Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. This is persistent (even after disabling the recovery option, the exploit will fail) because the router will ask for the security questions. If password recovery is set the exploit will fail, as it will ask the user for the recovery questions that were previously set when enabling that feature. If a user supplies the correct token to the page /passwordrecovered.cgi?id=TOKEN (and password recovery is not enabled), they will receive the admin password for the router. In addition, this router features seven Gigabit Ethernet ports for a quick transfer. With its 5.3 Gbps wireless AC connectivity, this router allows multiple bandwidth-consuming applications to run seamlessly at the same time. When trying to access the web panel, a user is asked to authenticate if the authentication is canceled and password recovery is not enabled, the user is redirected to a page that exposes a password recovery token. The NETGEAR AC5300 Nighthawk X8 R8500 Tri-Band is a wireless router that enables you to easily create your own network. The bug is exploitable remotely if the remote management option is set, and can also be exploited given access to the router over LAN or WLAN. They are prone to password disclosure via simple crafted requests to the web management server.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |