Configuration Backup Flaw in NETGEAR ProSafe Plus Utility Exposes Sensitive Information
CVE-2014-4864

Currently unrated

Key Information:

Vendor: Netgear
Status: Prosafe Firmware
Vendor: CVE Published:; 10 September 2014

Summary

The NETGEAR ProSafe Plus Configuration Utility has a significant issue where configuration backup files are generated containing cleartext passwords. This flaw may permit remote attackers to access sensitive information by reading the insecurely stored backup files. Organizations using this utility should act promptly to mitigate potential risks associated with this vulnerability.

References

http://www.kb.cert.org/vuls/id/396212

third-party-advisoryx_refsource_CERT-VN

Timeline

Vulnerability published
Sep 10, 2014
Vulnerability Reserved
Jul 10, 2014