CVE-2009-2256

Netgear DG632 3.4.0_ap - Denial of Service via Firmware Configuration CGI Endpoint

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-2256. PoCs published by Tom Neaves.

AI-analyzed exploit summary This is a writeup describing a Denial of Service (DoS) vulnerability in the Netgear DG632 router. The vulnerability is triggered by sending a HTTP POST request to the '/cgi-bin/firmwarecfg' endpoint, causing the web interface to crash and become inaccessible until a physical restart.

Description

The administrative web interface on the Netgear DG632 with firmware 3.4.0_ap allows remote attackers to cause a denial of service (web outage) via an HTTP POST request to cgi-bin/firmwarecfg.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Tom Neaves · textdoshardware

https://www.exploit-db.com/exploits/8964

View Code ZIP pw:eip

This is a writeup describing a Denial of Service (DoS) vulnerability in the Netgear DG632 router. The vulnerability is triggered by sending a HTTP POST request to the '/cgi-bin/firmwarecfg' endpoint, causing the web interface to crash and become inaccessible until a physical restart.

Classification

Writeup 100%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Netgear DG632 Router with Firmware V3.4.0_ap

No auth needed

Prerequisites: Network access to the router's web interface · Remote Management feature enabled if attacking over the Internet

MITRE ATT&CK