netgear wgr614 Security Vulnerabilities

4 Vulnerabilities

Description
An Information Disclosure vulnerability exists in the my config file in NEtGEAR WGR614 v7 and v9, which could let a malicious user recover all previously used passwords on the device, for both the control panel and WEP/WPA/WPA2, in plaintext. This is a different issue than CVE-2012-6340. Impacted versions: Base Score: 0.0, Severity: NA, ID: CVE-2012-6341, Last Modified: 2020-02-06T19:15:00Z References Advisory Modemly Security Checklist NetGear-WGR614-router-setup
An Authentication vulnerability exists in NETGEAR WGR614 v7 and v9 due to a hardcoded credential used for serial programming, a related issue to CVE-2006-1002. Impacted versions: Base Score: 0.0, Severity: NA, ID: CVE-2012-6340, Last Modified: 2020-02-06T18:23:00Z References Advisory Modemly Security Checklist NetGear-WGR614-router-setup
The web management interface in Netgear WGR614v9 allows remote attackers to cause a denial of service (crash) via a request that contains a question mark ("?"). Impacted versions: v9, v8 Base Score: 7.8, Severity: HIGH, ID: CVE-2008-6122, Last Modified: 2017-08-08T01:33:00Z References Vendor Advisory Exploit Modemly Security Checklist NetGear-WGR614-router-setup
Buffer overflow in ACME micro_httpd, as used in D-Link DSL2750U and DSL2740U and NetGear WGR614 and MR-ADSL-DG834 routers allows remote attackers to cause a denial of service (crash) via a long string in the URI in a GET request. Impacted versions: v6, v2, v1, v5, v3, v9, v4, v8, v7 Base Score: 7.8, Severity: HIGH, ID: CVE-2014-4927, Last Modified: 2014-07-25T15:52:00Z References Exploit Exploit Exploit Modemly Security Checklist NetGear-WGR614-router-setup

Description

An Information Disclosure vulnerability exists in the my config file in NEtGEAR WGR614 v7 and v9, which could let a malicious user recover all previously used passwords on the device, for both the control panel and WEP/WPA/WPA2, in plaintext. This is a different issue than CVE-2012-6340.

Impacted versions:

Base Score: 0.0, Severity: NA, ID: CVE-2012-6341, Last Modified: 2020-02-06T19:15:00Z

References

Advisory

Modemly Security Checklist

NetGear-WGR614-router-setup

An Authentication vulnerability exists in NETGEAR WGR614 v7 and v9 due to a hardcoded credential used for serial programming, a related issue to CVE-2006-1002.

Impacted versions:

Base Score: 0.0, Severity: NA, ID: CVE-2012-6340, Last Modified: 2020-02-06T18:23:00Z

References

Advisory

Modemly Security Checklist

NetGear-WGR614-router-setup

The web management interface in Netgear WGR614v9 allows remote attackers to cause a denial of service (crash) via a request that contains a question mark ("?").

Impacted versions: v9, v8

Base Score: 7.8, Severity: HIGH, ID: CVE-2008-6122, Last Modified: 2017-08-08T01:33:00Z

References

Vendor Advisory Exploit

Modemly Security Checklist

NetGear-WGR614-router-setup

Buffer overflow in ACME micro_httpd, as used in D-Link DSL2750U and DSL2740U and NetGear WGR614 and MR-ADSL-DG834 routers allows remote attackers to cause a denial of service (crash) via a long string in the URI in a GET request.

Impacted versions: v6, v2, v1, v5, v3, v9, v4, v8, v7

Base Score: 7.8, Severity: HIGH, ID: CVE-2014-4927, Last Modified: 2014-07-25T15:52:00Z

References

Exploit Exploit Exploit

Modemly Security Checklist

NetGear-WGR614-router-setup

USAGE: Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.