Netgear WG602 Wireless Access Point默认后门账户漏洞

漏洞信息详情

Netgear WG602 Wireless Access Point默认后门账户漏洞

• CNNVD编号：CNNVD-200412-414
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2004-2557
  
• 漏洞类型：
  
  
  设计错误
  
• 发布时间：
  
  2004-12-31
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2006-01-24
  
• 厂        商：
  
  netgear
• 漏洞来源：
  Discovery is credi…

NetGear WG602 (aka WG602v1) Wireless Access Point 1.7.14版本存在一个用户名为\”superman\”并且密码为\”21241036\”的硬编码账户，远程攻击者可以修改配置。

It is alleged that the vendor has released NetGear WG602 Access Point Firmware 1.7.15 to address this issue. This information is not confirmed at the moment. Please contact the vendor for more information.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com .
@securityfocus.com>

来源: SECUNIA
名称: 11773
链接:http://secunia.com/advisories/11773

来源: XF
名称: netgearwg602-default-account(16312)
链接:http://xforce.iss.net/xforce/xfdb/16312

来源: BID
名称: 10459
链接:http://www.securityfocus.com/bid/10459

来源: BUGTRAQ
名称: 20040605 Re: Netgear WG602 Accesspoint vulnerability
链接:http://www.securityfocus.com/archive/1/365230

来源: OSVDB
名称: 6743
链接:http://www.osvdb.org/6743

来源: CIAC
名称: O-159
链接:http://www.ciac.org/ciac/bulletins/o-159.shtml

来源: slashdot.org
链接:http://slashdot.org/articles/04/06/08/1319206.shtml?tid=126&tid=172

来源: slashdot.org
链接:http://slashdot.org/articles/04/06/08/1319206.shtml?tid=126&tid=172

来源: kbserver.netgear.com
链接:http://kbserver.netgear.com/kb_web_files/n101383.asp

来源: BUGTRAQ
名称: 20040603 Netgear WG602 Accesspoint vulnerability
链接:http://archives.neohapsis.com/archives/bugtraq/2004-06/0036.html