VYPR

D3600 Firmware

by Netgear

CVEs (2)

  • CVE-2015-8289HigJun 20, 2016
    risk 0.49cvss 7.5epss 0.02

    The password-recovery feature on NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier allows remote attackers to discover the cleartext administrator password by reading the cgi-bin/passrec.asp HTML source code.

  • CVE-2015-8288MedJun 20, 2016
    risk 0.39cvss 5.9epss 0.02

    NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier use the same hardcoded private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of…