By fuzzing the web interface of his Netgear router, Trustwave security expert Simon Kenin came across code (unauth.cgi) that was previously associated with two exploits linked to unauthenticated password disclosure flaws, according to a report by CSO’s Salted Hash.
By leveraging the vulnerability, an attacker can ultimately retrieve a victim’s credentials tied to the affected Netgear device. After running tests, Kenin found that the vulnerability works on a broad range of Netgear products.
“The vulnerability can be used by a remote attacker if remote administration is set to be internet facing,” Kenin wrote in a recent blog post. “By default this is not turned on. However, anyone with physical access to a network with a vulnerable router can exploit it locally. This would include public wifi space like cafés and libraries using vulnerable equipment.”