CVE-2013-3070

Published: Nov 14, 2019Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

An Information Disclosure vulnerability exists in Netgear WNDR4700 running firmware 1.0.0.34 in the management web interface, which discloses the PSK of the wireless LAN.

Affected (1)

Products: Netgear: Wndr4700 Firmware

Netgear

1 product

Wndr4700 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Wndr4700 Firmware	Version 1.0.0.34

Running on/with	Platform Versions
Netgear Wndr4700	All versions

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (10)

https://kb.netgear.com/24413/WNDR3700v4-Firmware-Version-1-0-1-52-Except-China-and-Russia-Only

Source: cve@mitre.org

PatchVendor Advisory

https://www.ise.io/casestudies/exploiting-soho-routers/

Source: cve@mitre.org

Third Party Advisory

https://www.ise.io/soho_service_hacks/

Source: cve@mitre.org

Third Party Advisory

https://www.ise.io/wp-content/uploads/2017/07/soho_techreport.pdf

Source: cve@mitre.org

Technical DescriptionThird Party Advisory

https://www.securityfocus.com/bid/59308

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://kb.netgear.com/24413/WNDR3700v4-Firmware-Version-1-0-1-52-Except-China-and-Russia-Only