Vulnerabilities > CVE-2019-13393 - Insecure Default Initialization of Resource vulnerability in Netgear Cg3700B Firmware 2.02.03

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

netgear

CWE-1188

NVD

Published: 2020-03-13

Updated: 2020-08-24

Summary

The Voo branded NETGEAR CG3700b custom firmware V2.02.03 uses the same default 8 character passphrase for the administrative console and the WPA2 pre-shared key. Either an attack against HTTP Basic Authentication or an attack against WPA2 could be used to determine this passphrase.

Vulnerable Configurations

Part	Description	Count
OS	Netgear Netgear Cg3700B Firmware 2.02.03	1
Hardware	Netgear Netgear Cg3700B -	1

Common Weakness Enumeration (CWE)

CWE-1188 - Insecure Default Initialization of Resource

References

https://www.doyler.net/security-not-included/voo-netgear-cg3700b-vulnerabilities