Information disclosure flaw exposes Netgear wireless routers to attacks

Several wireless routers made by Netgear contain a vulnerability that allows unauthenticated attackers to extract sensitive information from the devices, including their administrator passwords and wireless network keys.

The vulnerability can be exploited over local area networks, as well as over the Internet if the devices are configured for remote administration and expose their Web interface externally.

Details about the vulnerability were published on the Full Disclosure mailing list last week, along with a proof-of-concept exploit. Peter Adkins, the researcher who found the flaw, claims that he contacted Netgear but that his attempts to explain the nature of the issue to the company’s technical support department failed.

To read this article in full or to leave a comment, please click here

Read more: Information disclosure flaw exposes Netgear wireless routers to attacks

Story added 16. February 2015, content source with full text you can find at link above.