Vulnerabilities > CVE-2015-8288 - Unspecified vulnerability in Netgear D3600 Firmware and D6000 Firmware
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE network
netgear
Summary
NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier use the same hardcoded private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation. <a href="http://cwe.mitre.org/data/definitions/321.html">CWE-321: Use of Hard-coded Cryptographic Key</a>
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 3 | |
Hardware | 2 |