RSS   Vulnerabilities for 'Wnr2000v5 firmware'   RSS

2017-05-26
 
CVE-2017-6862

 

 
NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. The NETGEAR ID is PSV-2016-0261.

 
2017-01-29
 
CVE-2016-10176

 

 
The NETGEAR WNR2000v5 router allows an administrator to perform sensitive actions by invoking the apply.cgi URL on the web server of the device. This special URL is handled by the embedded web server (uhttpd) and processed accordingly. The web server also contains another URL, apply_noauth.cgi, that allows an unauthenticated user to perform sensitive actions on the device. This functionality can be exploited to change the router settings (such as the answers to the password-recovery questions) and achieve remote code execution.

 
 
CVE-2016-10175

 

 
The NETGEAR WNR2000v5 router leaks its serial number when performing a request to the /BRS_netgear_success.html URI. This serial number allows a user to obtain the administrator username and password, when used in combination with the CVE-2016-10176 vulnerability that allows resetting the answers to the password-recovery questions.

 
 
CVE-2016-10174

 

 
The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when invoking the URL /apply.cgi?/lang_check.html. This buffer overflow can be exploited by an unauthenticated attacker to achieve remote code execution.

 

 >>> Vendor: Netgear 96 Products
Me102
Rp114
Rt314
Fm114p
Fvs318
Rm356
Rt338
Wg602
Rt311
Wgt624
Netgear router
Fvg318
Dg834gt
Wg111v2 driver
Wg111v2
Ma521 driver
Wg311v1
Readynas raidiator
Ssl312
Wn802t
Wgr614
Wndap330 firmware
Dg632
Dg632 firmware
Prosafe wnap210 firmware
Prosafe wnap210
Prosafe fvs318n
Raidiator
Prosafe gs510tp
Prosafe gs724t
Prosafe gs725ts
Prosafe gs728tps
Prosafe gs728ts
Prosafe gs728txs
Prosafe gs748t
Prosafe gs752tps
Prosafe gs752txs
Prosafe s716t
Prosafe firmware
Wndr4700
Wndr4700 firmware
Gs108pe
Gs108pe firmware
Mr-adsl-dg834
Wnr1000v3
Wnr1000v3 firmware
Prosafe netgear management system 300
Prosafe network management software 300
D3600 firmware
D6000 firmware
Readynas surveillance
R6250 firmware
R6900 firmware
R7900 firmware
R7000 firmware
D6400 firmware
D6220 firmware
R6400 firmware
R7100lg firmware
R6700 firmware
R7300dst firmware
R8000 firmware
Srx5308 firmware
Fvs318gv2 firmware
Fvs318n firmware
Fvs336gv3 firmware
Arlo base station firmware
Arlo q plus camera firmware
Arlo q camera firmware
Wndr4500 firmware
Dgn2200bv4 firmware
Wndr4000 firmware
D6300b firmware
D6300 firmware
R6200 firmware
Ac1450 firmware
R6300 firmware
Vegn2610 firmware
Wndr3700v3 firmware
Wnr2000v5 firmware
Dgn2200 firmware
Dgn2200 series firmware
Wnap320 firmware
Wndap350 firmware
Wndap360 firmware
Wndap210v2 firmware
Wndap660 firmware
Wn604 firmware
Wn802tv2 firmware
Wnd930 firmware
Prosafe plus configuration utility
Wnr2000v3 firmware
Wnr2000v4 firmware
Dgnd3700 firmware
Ex7000 firmware
Wnr2000 firmware


Copyright 2019, cxsecurity.com

 

Back to Top