Certain NETGEAR smart switches are affected by an authentication hijacking race-condition vulnerability by an unauthenticated attacker who uses the same source IP address as an admin in the process of logging in (e.g., behind the same NAT device, or already in possession of a foothold on an admin's machine). This occurs because the multi-step HTTP authentication process is effectively tied only to the source IP address. This affects GC108P prior to 1.0.8.2, GC108PP prior to 1.0.8.2, GS108Tv3 prior to 7.0.7.2, GS110TPP prior to 7.0.7.2, GS110TPv3 prior to 7.0.7.2, GS110TUP prior to 1.0.5.3, GS308T prior to 1.0.3.2, GS310TP prior to 1.0.3.2, GS710TUP prior to 1.0.5.3, GS716TP prior to 1.0.4.2, GS716TPP prior to 1.0.4.2, GS724TPP prior to 2.0.6.3, GS724TPv2 prior to 2.0.6.3, GS728TPPv2 prior to 6.0.8.2, GS728TPv2 prior to 6.0.8.2, GS750E prior to 1.0.1.10, GS752TPP prior to 6.0.8.2, GS752TPv2 prior to 6.0.8.2, MS510TXM prior to 1.0.4.2, and MS510TXUP prior to 1.0.4.2.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
netgear gc108p_firmware |
||
netgear gc108pp_firmware |
||
netgear gs108t_firmware |
||
netgear gs110tpp_firmware |
||
netgear gs110tp_firmware |
||
netgear gs110tup_firmware |
||
netgear gs308t_firmware |
||
netgear gs310tp_firmware |
||
netgear gs710tup_firmware |
||
netgear gs716tp_firmware |
||
netgear gs716tpp_firmware |
||
netgear gs724tpp_firmware |
||
netgear gs724tp_firmware |
||
netgear gs728tpp_firmware |
||
netgear gs728tp_firmware |
||
netgear gs750e_firmware |
||
netgear gs752tpp_firmware |
||
netgear gs752tp_firmware |
||
netgear ms510txm_firmware |
||
netgear ms510txup_firmware |
Vulmon