Lucene search

MitreCVE-2011-1674

HistoryApr 10, 2011 - 2:55 a.m.

CVE-2011-1674

2011-04-1002:55:01

CWE-287

mitre

web.nvd.nist.gov

netgear

prosafe

wnap210

firmware

2.0.12

authentication bypass

cve-2011-1674

nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.3

Confidence

Low

EPSS

0.01

Percentile

83.8%

JSON

The NetGear ProSafe WNAP210 with firmware 2.0.12 allows remote attackers to bypass authentication and obtain access to the configuration page by visiting recreate.php and then visiting index.php.

Affected configurations

Nvd

Node

netgearprosafe_wnap210

AND

netgearprosafe_wnap210_firmwareMatch2.0.12

VendorProductVersionCPE
netgearprosafe_wnap210*cpe:2.3:h:netgear:prosafe_wnap210:*:*:*:*:*:*:*:*
netgearprosafe_wnap210_firmware2.0.12cpe:2.3:a:netgear:prosafe_wnap210_firmware:2.0.12:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
netgear	prosafe_wnap210	*	cpe:2.3:h:netgear:prosafe_wnap210::::::::
netgear	prosafe_wnap210_firmware	2.0.12	cpe:2.3:a:netgear:prosafe_wnap210_firmware:2.0.12:::::::*

References

secunia.com/advisories/44045

www.kb.cert.org/vuls/id/644812

www.vupen.com/english/advisories/2011/0884

exchange.xforce.ibmcloud.com/vulnerabilities/66723

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.3

Confidence

Low

EPSS

0.01

Percentile

83.8%

JSON

Related for CVE-2011-1674