Re: NETGEAR WGT624 Wireless DSL router default user name/password vulnerability

To: info@xxxxxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: NETGEAR WGT624 Wireless DSL router default user name/password vulnerability
From: Jimmy Latouche <jimmy.lc@xxxxxxxxx>
Date: Thu, 02 Mar 2006 11:03:07 +0000
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:user-agent:mime-version:to:subject:references:in-reply-to:x-enigmail-version:content-type:content-transfer-encoding:from; b=qdeXoGZF2siNg12ah07ZKKBFxxCiYbGXMPo7aZ/yqM9S+qROBl1zKyDGieYgWj8lASP8AgK9EGZJclbxPukkzT0mNdGGFfC+QZbVKR0hJ/RUDlmlVSRkjeedFmys37fHjFiJkw2gAArdnXEcbKUKLP9HrnqdbelhcQWfH0LnpjY=
In-reply-to: <20060226103344.1587.qmail@xxxxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <20060226103344.1587.qmail@xxxxxxxxxxxxxxxxx>
User-agent: Thunderbird 1.5 (X11/20051201)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The Netgear WGT624 v3 is clean, however, some days ago i was searching
on how to put openwrt on this devices and they described that the serial
interface had that username and password, in other words, YES they have
that account but you have to solder pins on the motherboard of the
router and then establish a serial interface between the router and the
pc to get in, follow this link to find the entire info[1]

Hope this helps

[1]http://wiki.openwrt.org/OpenWrtDocs/Hardware/Netgear/WGT624


info@xxxxxxxxxxxxxx wrote:
> Netgear WG602 reportedly contains a default administrative account. This 
> issue can allow a remote attacker to gain administrative access to the device.
> 
> super_username=Gearguy 
> super_passwd=Geardog

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFEBtDrMMiJycFzcTQRAmJFAKCxfAmXCHLVrvbWvaJxvGYc8dBk1wCguP/g
GgUKOIkM+EcJWehp/IiG2Ts=
=YO1Q
-----END PGP SIGNATURE-----

References:
- NETGEAR WGT624 Wireless DSL router default user name/password vulnerability
  - From: info

Prev by Date: PluggedOut Nexus SQL injection
Next by Date: JOOMLA CMS 1.0.7 DoS & path disclosing
Previous by thread: Re: NETGEAR WGT624 Wireless DSL router default user name/password vulnerability
Next by thread: Re: Re: NETGEAR WGT624 Wireless DSL router default user name/password vulnerability
Index(es):
- Date
- Thread