exploitDog

CVE-2019-13393

Опубликовано: 13 мар. 2020

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

The Voo branded NETGEAR CG3700b custom firmware V2.02.03 uses the same default 8 character passphrase for the administrative console and the WPA2 pre-shared key. Either an attack against HTTP Basic Authentication or an attack against WPA2 could be used to determine this passphrase.

Ссылки

https://www.doyler.net/security-not-included/voo-netgear-cg3700b-vulnerabilities
Exploit
Third Party Advisory
https://www.doyler.net/security-not-included/voo-netgear-cg3700b-vulnerabilities
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:netgear:cg3700b_firmware:2.02.03:*:*:*:*:*:*:*

cpe:2.3:h:netgear:cg3700b:-:*:*:*:*:*:*:*

EPSS

Процентиль: 61%

0.00419

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-1188

Связанные уязвимости

GHSA-7qhr-r3gj-gxg8

github

больше 3 лет назад

The Voo branded NETGEAR CG3700b custom firmware V2.02.03 uses the same default 8 character passphrase for the administrative console and the WPA2 pre-shared key. Either an attack against HTTP Basic Authentication or an attack against WPA2 could be used to determine this passphrase.

EPSS

Процентиль: 61%

0.00419

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-1188