2021-08-20 11:07:22 +00:00
id : netgear-router-exposure
2021-08-18 11:32:08 +00:00
info :
2021-08-29 06:39:06 +00:00
name : NETGEAR Router S/N Disclosure
description : Multiple NETGEAR router models disclose their serial number which can be used to obtain the admin password if password recovery is enabled.
2021-08-18 11:32:08 +00:00
reference :
- https://www.exploit-db.com/exploits/47117
- https://www.exploit-db.com/exploits/45741
author : geeknik
severity : critical
2021-08-20 11:07:22 +00:00
tags : netgear,exposure,iot
2021-08-18 11:32:08 +00:00
requests :
- method : GET
path :
- "{{BaseURL}}/rootDesc.xml"
matchers-condition : and
matchers :
- type : status
status :
- 200
- 501
2021-08-20 19:08:54 +00:00
condition : or
2021-08-18 11:32:08 +00:00
- type : word
words :
- "<serialNumber>"
- "<deviceType>"
- "<modelNumber>"
condition : and
- type : word
part : header
words :
- text/xml
extractors :
- type : regex
group : 1
regex :
- "<serialNumber>([A-Z0-9]+)<\\/serialNumber>"
