Netgear ProSafe Plus GS105PE Switch Hardcoded Credentials Security Bypass Security
Where:From local network
Impact:Security Bypass
Solution Status:Unpatched
Description
A security issue has been reported in the Netgear ProSafe Plus GS105PE Switch, which can be exploited by malicious people to bypass certain security restrictions.
The security issue is caused due to the application using a certain, undocumented user account with hardcoded credentials. This can be exploited to gain otherwise restricted access and e.g. upload and execute arbitrary code.
The security issue is reported in firmware version 1.2.0.5.
Solution:
No official solution is currently available.
http://secunia.com/advisories/59581/
http://www.netgear.com/business/products/switches/unmanaged-plus/GS105PE.aspx
Where:From local network
Impact:Security Bypass
Solution Status:Unpatched
Description
A security issue has been reported in the Netgear ProSafe Plus GS105PE Switch, which can be exploited by malicious people to bypass certain security restrictions.
The security issue is caused due to the application using a certain, undocumented user account with hardcoded credentials. This can be exploited to gain otherwise restricted access and e.g. upload and execute arbitrary code.
The security issue is reported in firmware version 1.2.0.5.
Solution:
No official solution is currently available.
http://secunia.com/advisories/59581/
http://www.netgear.com/business/products/switches/unmanaged-plus/GS105PE.aspx