EIP-2026-101861

PRE-CVE

Netgear DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101861. PoCs published by Dolev Farhi.

AI-analyzed exploit summary This is a technical writeup detailing a password disclosure vulnerability in NETGEAR DGN2200 routers. The vulnerability allows an attacker to extract plaintext passwords from the router's Basic Settings page by viewing the page source, where sensitive information is stored in JavaScript arrays.

Description

Netgear DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure

Exploits (1)

exploitdb WRITEUP

by Dolev Farhi · textwebappshardware

https://www.exploit-db.com/exploits/34149

View Code ZIP pw:eip

This is a technical writeup detailing a password disclosure vulnerability in NETGEAR DGN2200 routers. The vulnerability allows an attacker to extract plaintext passwords from the router's Basic Settings page by viewing the page source, where sensitive information is stored in JavaScript arrays.

Classification

Writeup 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: NETGEAR DGN2200 firmware 1.0.0.29_1.7.29_HotS

No auth needed

Prerequisites: Access to the router's Basic Settings page

MITRE ATT&CK

T1552 - Unsecured Credentials

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026