CVE-2013-3070

Опубликовано: 14 нояб. 2019

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

An Information Disclosure vulnerability exists in Netgear WNDR4700 running firmware 1.0.0.34 in the management web interface, which discloses the PSK of the wireless LAN.

Ссылки

https://kb.netgear.com/24413/WNDR3700v4-Firmware-Version-1-0-1-52-Except-China-and-Russia-Only
Patch
Vendor Advisory
https://www.ise.io/casestudies/exploiting-soho-routers/
Third Party Advisory
https://www.ise.io/soho_service_hacks/
Third Party Advisory
https://www.ise.io/wp-content/uploads/2017/07/soho_techreport.pdf
Technical Description
Third Party Advisory
https://www.securityfocus.com/bid/59308
Third Party Advisory
VDB Entry
https://kb.netgear.com/24413/WNDR3700v4-Firmware-Version-1-0-1-52-Except-China-and-Russia-Only
Patch
Vendor Advisory
https://www.ise.io/casestudies/exploiting-soho-routers/
Third Party Advisory
https://www.ise.io/soho_service_hacks/
Third Party Advisory
https://www.ise.io/wp-content/uploads/2017/07/soho_techreport.pdf
Technical Description
Third Party Advisory
https://www.securityfocus.com/bid/59308
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:netgear:wndr4700_firmware:1.0.0.34:*:*:*:*:*:*:*

cpe:2.3:h:netgear:wndr4700:-:*:*:*:*:*:*:*

EPSS

Процентиль: 83%

0.02029

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-2c5f-68qc-5vrp

github

больше 3 лет назад