ID de Prueba:	1.3.6.1.4.1.25623.1.0.803731
Categoría:	Web application abuses
Título:	Western Digital My Net Devices Information Disclosure Vulnerability
Resumen:	Western Digital My Net Router is prone to an information disclosure vulnerability.
Descripción:	Summary: Western Digital My Net Router is prone to an information disclosure vulnerability. Vulnerability Insight: The issue is due to the device storing the admin password in clear text in the main_internet.php source code page as the value for 'var pass'. Vulnerability Impact: Successful exploitation will allow attacker to gain access to credential information. Affected Software/OS: Western Digital My Net N600 1.03, 1.04, Western Digital My Net N750 1.03, 1.04, Western Digital My Net N900 1.05, 1.06 and Western Digital My Net N900C 1.05, 1.06 Solution: Upgrade to version 1.07.16, for the My Net N900 and My Net N900. For My Net N600 and My Net N750 solution is to revert to the earlier firmware of 1.01.04 or 1.01.20, or disable remote administrative access. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-5006 Bugtraq: 20130718 Western Digital My Net N600, N750, N900 and N900C - Plain text disclosure of administrative credentials (Google Search) http://archives.neohapsis.com/archives/bugtraq/2013-07/0133.html Bugtraq: 20130722 Full Disclosure - WD My Net N600, N750, N900, N900C - Plain Text Disclosure of Admin Credentials (Google Search) http://archives.neohapsis.com/archives/bugtraq/2013-07/0146.html http://www.osvdb.org/95519 XForce ISS Database: my-net-info-disc(85903) https://exchange.xforce.ibmcloud.com/vulnerabilities/85903
Copyright	Copyright (C) 2013 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.