NetGear FVS318 Username/Password Disclosure Vulnerability

A vulnerability has been reported in NetGear Firewall/VPN/Routers.

When configured to backup configuration settings, the device will store various usernames and passwords in cleartext. Accessing this file could allow an attacker to obtain sensitive information which could aid the attacker in compromising the web administrative interface of the device.

It should be noted that the backup option is not enabled by default, but is a common feature used by administrators.


Privacy Statement
Copyright 2010, SecurityFocus