Western Digital My Net Router main_internet.php Admin Credential Disclosure

Severity: Medium | Nessus Plugin ID 69370

Synopsis

The remote web server contains an application that is affected by an information disclosure vulnerability.

Description

The web server on the identified Western Digital My Net router is affected by an information disclosure vulnerability. The admin password is stored in plaintext as the value of the JavaScript variable 'var pass' in the source code of the 'main_internet.php' page. An unauthenticated, remote attacker could obtain the login credentials by sending a request to an affected device.

Note that in order for this issue to be exploited, UPnP and remote administrative access must be enabled.

Solution

Users of N900 and N900C devices should update the firmware to version 1.07.16 or later. For other affected devices, please refer to the vendor for upgrade options. Some sources suggest disabling remote administrative access and disabling UPnP as possible mitigation steps in the event no upgrade option is available.

See Also

https://seclists.org/bugtraq/2013/Jul/132

http://www.wdc.com/wdproducts/updates/?family=wdfmynetn900

Plugin Details

Severity: Medium

ID: 69370

File Name: wd_my_net_password_disclosure.nasl

Version: 1.8

Type: remote

Family: CGI abuses

Published: 8/15/2013

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.0

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.4

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2013-5006

Vulnerability Information

CPE: cpe:/o:wdc:mynet_firmware

Exploit Available: true

Exploit Ease: No exploit is required

Exploited by Nessus: true

Patch Publication Date: 5/21/2013

Vulnerability Publication Date: 7/19/2013

Reference Information

CVE: CVE-2013-5006

BID: 61361