ID de Prueba:	1.3.6.1.4.1.25623.1.0.12258
Categoría:	CGI abuses
Título:	NetGear Hidden Password Check
Resumen:	NOSUMMARY
Descripción:	Description: NetGear ships at least one device with a builtin administrator account. This account cannot be changed via the configuration interface and enables a remote attacker to control the NetGear device. To duplicate this error, simply point your browser to a vulnerable machine, and log in (when prompted) with userid = super password = 5777364 or userid = superman password = 21241036 Solution: Contact vendor for a fix. As a temporary workaround, disable the webserver or filter the traffic to the NetGear webserver via an upstream firewall. Risk factor : High
Referencia Cruzada:	BugTraq ID: 10459 Common Vulnerability Exposure (CVE) ID: CVE-2004-2557 http://www.securityfocus.com/bid/10459 Bugtraq: 20040603 Netgear WG602 Accesspoint vulnerability (Google Search) http://archives.neohapsis.com/archives/bugtraq/2004-06/0036.html Bugtraq: 20040605 Re: Netgear WG602 Accesspoint vulnerability (Google Search) http://www.securityfocus.com/archive/1/365230 Computer Incident Advisory Center Bulletin: O-159 http://www.ciac.org/ciac/bulletins/o-159.shtml http://slashdot.org/articles/04/06/08/1319206.shtml?tid=126&tid=172 http://www.osvdb.org/6743 http://secunia.com/advisories/11773 XForce ISS Database: netgearwg602-default-account(16312) https://exchange.xforce.ibmcloud.com/vulnerabilities/16312 Common Vulnerability Exposure (CVE) ID: CVE-2004-2556
Copyright	This script is Copyright (C) 2004 Tenable Network Security

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.