CVE-2016-10175
CVE-2016-10175
The NETGEAR WNR2000v5 router leaks its serial number when performing a request to the /BRS_netgear_success.html URI. This serial number allows a user to obtain the administrator username and password, when used in combination with the CVE-2016-10176 vulnerability that allows resetting the answers to the password-recovery questions.
Affected products
n/a · n/apublic PoCs found — 2
cve_referencewww.exploit-db.com/exploits/40949/unverifiedexploitdbwww.exploit-db.com/exploits/40949unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://kb.netgear.com/000036549/Insecure-Remote-Access-and-Command-Execution-Security-Vulnerabilityhttp://seclists.org/fulldisclosure/2016/Dec/72https://raw.githubusercontent.com/pedrib/PoC/master/advisories/netgear-wnr2000.txthttps://www.exploit-db.com/exploits/40949/http://www.securityfocus.com/bid/95867