Netgear Cg3700B Firmware vulnerabilities
3 known vulnerabilities affecting netgear/cg3700b_firmware.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2
Vulnerabilities
Page 1 of 1
CVE-2019-13394CRITICALCVSS 9.8v2.02.032020-03-13
CVE-2019-13394 [CRITICAL] CWE-319 CVE-2019-13394: The Voo branded NETGEAR CG3700b custom firmware V2.02.03 uses HTTP Basic Authentication over clearte
The Voo branded NETGEAR CG3700b custom firmware V2.02.03 uses HTTP Basic Authentication over cleartext HTTP.
nvd
CVE-2019-13395HIGHCVSS 8.8v2.02.032020-03-13
CVE-2019-13395 [HIGH] CWE-352 CVE-2019-13395: The Voo branded NETGEAR CG3700b custom firmware V2.02.03 allows CSRF against all /goform/ URIs. An a
The Voo branded NETGEAR CG3700b custom firmware V2.02.03 allows CSRF against all /goform/ URIs. An attacker can modify all settings including WEP/WPA/WPA2 keys, restore the router to factory settings, or even upload an entire malicious configuration file.
nvd
CVE-2019-13393HIGHCVSS 7.5v2.02.032020-03-13
CVE-2019-13393 [HIGH] CWE-1188 CVE-2019-13393: The Voo branded NETGEAR CG3700b custom firmware V2.02.03 uses the same default 8 character passphras
The Voo branded NETGEAR CG3700b custom firmware V2.02.03 uses the same default 8 character passphrase for the administrative console and the WPA2 pre-shared key. Either an attack against HTTP Basic Authentication or an attack against WPA2 could be used to determine this passphrase.
nvd