Description
Certain NETGEAR devices allow remote attackers to disable all authentication requirements by visiting genieDisableLanChanged.cgi. The attacker can then, for example, visit MNU_accessPassword_recovered.html to obtain a valid new admin password. This affects AC1450, D8500, DC112A, JNDR3000, LG2200D, R4500, R6200, R6200V2, R6250, R6300, R6300v2, R6400, R6700, R6900P, R6900, R7000P, R7000, R7100LG, R7300, R7900, R8000, R8300, R8500, WGR614v10, WN2500RPv2, WNDR3400v2, WNDR3700v3, WNDR4000, WNDR4500, WNDR4500v2, WNR1000, WNR1000v3, WNR3500L, and WNR3500L.
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://github.com/zer0yu/CVE_Request/blob/master/netgear/netgear_cgi_unauthorized_access_vulnerability.md
Scores
CVSS v3
8.1
EPSS
0.0051
EPSS Percentile
66.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-287
Status
published
Products (33)
netgear/ac1450_firmware
netgear/d8500_firmware
netgear/dc112a_firmware
netgear/jndr3000_firmware
netgear/lg2200d_firmware
netgear/r4500_firmware
netgear/r6200_firmware
netgear/r6200v2_firmware
netgear/r6250_firmware
netgear/r6300_firmware
... and 23 more
Published
Oct 09, 2019
Tracked Since
Feb 18, 2026