The password-recovery feature on NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and previous versions allows remote malicious users to discover the cleartext administrator password by reading the cgi-bin/passrec.asp HTML source code.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
netgear d3600_firmware 1.0.0.49 |
||
netgear d6000_firmware |