Password Disclosure Vulnerability in NETGEAR Routers
CVE-2017-5521

8.1HIGH

Key Information:

Vendor: Netgear
Status: R6200 Firmware
Vendor: CVE Published:; 17 January 2017

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 94%🦅 CISA Reported

Summary

A security vulnerability has been identified in various NETGEAR router models that allows for the potential disclosure of administrative passwords. This occurs when a crafted request is made to the router's web management interface, especially when remote management is enabled. If a user cancels the authentication prompt and password recovery is disabled, they may be redirected to a page that exposes a recovery token. Supplying the correct token can reveal the admin password. This vulnerability is persistent and cannot be exploited if password recovery is enabled, as the system will require security questions to be answered.

CISA Reported

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace

The CISA's recommendation is: Apply updates per vendor instructions. If the affected device has since entered end-of-life, it should be disconnected if still in use.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2017-5521 - Proof of Concept