NETGEAR Hard-coded Telnet Unlock Credentials

This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.

Synopsis :

The remote host has a default set of credentials for enabling root
login on the telnet service.

Description :

The remote NETGEAR device has a hard-coded set of credentials that can
be sent in a specially encoded packet in order to unlock the telnet
service and allow remote logins as the root user.

Solution :

There are no known fixes. As a workaround, restrict access to the
telnet port.

Risk factor :

High / CVSS Base Score : 8.3
CVSS Temporal Score : 8.3
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 72831 ()

Bugtraq ID: 65444