Authentication Bypass in Netgear DG632 Router
CVE-2009-2257

Currently unrated

Key Information:

Vendor: Netgear
Status: Dg632
Vendor: CVE Published:; 30 June 2009

Summary

The Netgear DG632 router's administrative web interface contains a flaw that allows remote attackers to bypass authentication by directly accessing certain HTML pages such as saveconfig.html and stattbl.htm without valid credentials. This vulnerability can lead to unauthorized access and potential system compromise, as the router may expose sensitive administrative controls and configurations.

References

http://www.tomneaves.co.uk/Netgear_DG632_Authentication_B...

x_refsource_MISC

http://www.securityfocus.com/archive/1/504312/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.exploit-db.com/exploits/8963

exploitx_refsource_EXPLOIT-DB

Timeline

Vulnerability published
Jun 30, 2009
Vulnerability Reserved
Jun 29, 2009