NETGEAR WAC104 devices before 1.0.4.15 are affected by an authentication bypass vulnerability in /usr/sbin/mini_httpd, allowing an unauthenticated attacker to invoke any action by adding the ¤tsetting.htm substring to the HTTP query, a related issue to CVE-2020-27866. This directly allows the attacker to change the web UI password, and eventually to enable debug mode (telnetd) and gain a shell on the device as the admin limited-user account (however, escalation to root is simple because of weak permissions on the /etc/ directory).
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HNetgear Wac104
HWNetgearwszystkie wersjeNetgear Wac104 Firmware
OSNetgear< 1.0.4.15
Powiązane podatności
A vulnerability is in the 'MNU_top.htm' page of the Netgear W104, version WAC104-V1.0.4.13, which can allow a ...
NETGEAR WAC104 devices before 1.0.4.13 are affected by a buffer overflow by an authenticated user.
A vulnerability is in the 'BRS_top.html' page of the Netgear W104, version WAC104-V1.0.4.13, which can allow a...
NETGEAR WAC104 devices before 1.0.4.15 are affected by incorrect configuration of security settings.
NETGEAR JGS516PE devices before 2.6.0.43 are affected by lack of access control at the function level.