
Firmware Version: V1.0.1.64PRRU

Open your browser and go to http://<your router IP>/BRS_02_genieHelp.html


Select one of the radio buttons, and you will bypass the router's authentication.

You can then edit your config freely if you forgot your password, and you don't even need to press the RESET button.

However, it's more like a bug than a backdoor. Who would write a user-friendly GUI for a backdoor? :)

There is also an injection vulnerability.

Open http://<your router IP>/ping6_traceroute6_hidden_info.htm and enter `reboot` in the box labelled "ping6 to", and the router reboots. This page requires authentication in V1.0.1.64PRRU, but in previous firmware versions it does not, so crackers can use it to obtain root privileges on your router.
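The firmware's handler is not shown on this page. As an added example (not Netgear's code), this is one way a ping6 form handler can keep the field from being interpreted as a command: accept only an IPv6 literal and hand it to `execv()` as its own argument, so no shell ever parses it. The function names, the `ping6` path and the sample inputs are assumptions.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>

#define PING6_PATH "/bin/ping6" /* assumed path, not taken from the firmware */

/* Returns 1 only if target is a plain IPv6 literal. inet_pton() rejects
 * spaces, shell metacharacters, option-like strings and bare words such as
 * "reboot", so nothing but an address can reach the argument vector.
 * Scoped addresses ("fe80::1%eth0") are rejected too; handle them separately
 * if the diagnostic page needs them. */
int is_ipv6_literal(const char *target)
{
    struct in6_addr addr;
    if (target == NULL || strlen(target) >= INET6_ADDRSTRLEN)
        return 0;
    return inet_pton(AF_INET6, target, &addr) == 1;
}

/* Fills argv (5 slots) for execv(PING6_PATH, ...); the target stays a single
 * argument. Returns 0 on success, -1 if the target is rejected. */
int build_ping6_argv(const char *target, const char *argv[5])
{
    if (!is_ipv6_literal(target))
        return -1;
    argv[0] = PING6_PATH;
    argv[1] = "-c";
    argv[2] = "4";
    argv[3] = target;
    argv[4] = NULL;
    return 0;
}

int main(void)
{
    /* Constructed sample values for the "ping6 to" field. */
    const char *samples[] = { "2001:db8::1", "reboot", "::1; reboot", "-f" };
    const char *argv[5];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-14s -> %s\n", samples[i],
               build_ping6_argv(samples[i], argv) == 0 ? "accepted" : "rejected");
    return 0;
}
```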

You can get updates from ftp://downloads.netgear.com/pub/netgear/updates/ and ftp://download.netgear.com.cn:8084 to fix the problems mentioned above.

Reference: Complete, Persistent Compromise of Netgear Wireless Routers
