<<< Date Index >>>     <<< Thread Index >>>

Re: Netgear WG602 Accesspoint vulnerability



Hi,

Jaco Swart wrote:

In-Reply-To: <Pine.GSO.4.33.0406031903380.14119-100000@xxxxxxxxxxxxxxxxx>

I can confirm that this vulnerability still exists in the latest firmware 
upgrade(1.7.14) for the WG602.  They've simply gone and changed the username to 
superman and password to 21241036.

yes - this is right (though it took me a while to find out how to get this gzip compressed part out of the img).

Whats new in this image:
"[...] Fixed illegal user access the WEB configuration utility. [...]"

;-)

Would it be possible to change the firmware image by hand - e.g. usa a hex editor and set this username / password to sth else?

regards,

Harald

--
Team NeueMedien.Net / Hostmaster