Netgear: >> Cg3700b Firmware >> 2.02.03 Security Vulnerabilities
The Voo branded NETGEAR CG3700b custom firmware V2.02.03 uses the same default 8 character passphrase for the administrative console and the WPA2 pre-shared key. Either an attack against HTTP Basic Authentication or an attack against WPA2 could be used to determine this passphrase.
CVSS Score
7.5
EPSS Score
0.004
Published
2020-03-13
The Voo branded NETGEAR CG3700b custom firmware V2.02.03 uses HTTP Basic Authentication over cleartext HTTP.
CVSS Score
9.8
EPSS Score
0.002
Published
2020-03-13
The Voo branded NETGEAR CG3700b custom firmware V2.02.03 allows CSRF against all /goform/ URIs. An attacker can modify all settings including WEP/WPA/WPA2 keys, restore the router to factory settings, or even upload an entire malicious configuration file.
CVSS Score
8.8
EPSS Score
0.002
Published
2020-03-13