Re: Netgear RT311/RT314

[Christian Vezina <cvezina () noos fr>]

Does anyone know if NetGear Router RP114 is also affected by this problem?

thanks


> Product:
> Netgear Gateway Router RT314/RT311
>
> Description:
> Netgear's RT314 is a four-port gateway router targeted at the small home 
> or small office network.
>
> Systems Affected:
> Tested on a Netgear RT314 running firmware versions 3.24 and 3.25. Any 
> hardware running this firmware (RT-311 also runs the same firmware). Any 
> product running ZyXel-RomPager web server 3.02 or earlier is probably also 
> vulnerable.
>
> Problem Description:
> The Netgear RT314 Gateway Router (FW v3.25) runs a web server 
> (ZyXEL-RomPager/3.02) for easy user configuration. This web server is 
> vulnerable to the standard Cross Site Scripting problems seen in multiple 
> web servers (noted in CERT CA-2000-02 from two years ago).  Though it may 
> be difficult to exploit (attacker would need to know
> the internal address of the victim's router), it still opens the 
> possibility that an attacker could gain unauthorized access to the router, 
> and possibly reconfigure it to allow remote access.
>
> To check Netgear devices for CSS, simply access the following URL in a 
> browser:
>  http://<router_ip>/<script>alert('Vulnerable')</script>
> If you receive a JavaScript pop-up alert, the system is vulnerable to 
> Cross Site Scripting.
>
> Vendor Status:
> Vendor was contacted on 1/5/2002 (support () netgear com), but did not respond.
>
> Contact:
> sq () cirt net
>
> ____________________________________________________________________
> http://www.cirt.net/
> Home of the Nikto web scanner, default port/password/ssid databases.