NETGEAR GS105PE Pro Safe Switch Hard-coded Credentials

high Nessus Plugin ID 76475

Language:

Synopsis

The remote service has well known hard-coded credentials.

Description

The NETGEAR GS105PE Pro Safe Switch has a set of hard-coded credentials ('ntguser / debugpassword') that give access to several CGI control scripts and could allow a remote attacker to :

- Modify the serial number and MAC address of the product. (produce_burn.cgi)

- Manually set memory to a certain value and extract that value from it. (register_debug.cgi)

- Upload new firmware. (bootcode_update.cgi)

Solution

No known solution.

Plugin Details

Severity: High

ID: 76475

File Name: netgear_GS105PE_hardcodedpass.nasl

Version: 1.5

Type: remote

Family: CGI abuses

Published: 7/11/2014

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 8.3

Temporal Score: 7.5

Vector: CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/h:netgear:gs105pe, cpe:/o:netgear:gs105pe_firmware

Excluded KB Items: global_settings/supplied_logins_only

Exploit Available: true

Exploit Ease: Exploits are available

Exploited by Nessus: true

Vulnerability Publication Date: 7/3/2014

Reference Information

CVE: CVE-2014-2969

BID: 68366

CERT: 143740

Detections

Analytics