New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Netgear DGN3500 #13

Closed
donlimo opened this Issue Jan 3, 2014 · 12 comments

Comments

Projects
None yet
6 participants
@donlimo

donlimo commented Jan 3, 2014

The port is open and respond on request. I tried the option that show admin password too and it work, so it's confirmed.

@elvanderb

This comment has been minimized.

Show comment
Hide comment
@elvanderb

elvanderb Jan 3, 2014

Owner

Thank you, added :)

Owner

elvanderb commented Jan 3, 2014

Thank you, added :)

@gsxarne

This comment has been minimized.

Show comment
Hide comment
@gsxarne

gsxarne Jan 5, 2014

Hi,
i've tested my DGN3500 (Software V1.1.00.28_1.00.28GR) with telnet ( telnet routerip 32764“ ) and a portscan of the 32764 port and did not get a response.
I know another guy who has also a DGN3500 and also didnt get a response.

Greetings

gsxarne commented Jan 5, 2014

Hi,
i've tested my DGN3500 (Software V1.1.00.28_1.00.28GR) with telnet ( telnet routerip 32764“ ) and a portscan of the 32764 port and did not get a response.
I know another guy who has also a DGN3500 and also didnt get a response.

Greetings

@donlimo

This comment has been minimized.

Show comment
Hide comment
@donlimo

donlimo Jan 5, 2014

Intresting, I have firmware V1.1.00.33_1.00.33
https://www.dropbox.com/s/l4n1ubq6hu6a2fh/screen.png

donlimo commented Jan 5, 2014

Intresting, I have firmware V1.1.00.33_1.00.33
https://www.dropbox.com/s/l4n1ubq6hu6a2fh/screen.png

@gsxarne

This comment has been minimized.

Show comment
Hide comment
@gsxarne

gsxarne Jan 5, 2014

Ok... lesson learned: Never trust a Windows telnet client:

this on is from a qnap nas:

http://abload.de/img/screenshot2014-01-051g8uyu.png

gsxarne commented Jan 5, 2014

Ok... lesson learned: Never trust a Windows telnet client:

this on is from a qnap nas:

http://abload.de/img/screenshot2014-01-051g8uyu.png

@elvanderb

This comment has been minimized.

Show comment
Hide comment
@elvanderb

elvanderb Jan 5, 2014

Owner

Why people don't use the provided PoC?! :)

Owner

elvanderb commented Jan 5, 2014

Why people don't use the provided PoC?! :)

@enryIT

This comment has been minimized.

Show comment
Hide comment
@enryIT

enryIT Jan 16, 2014

Contributor

Using this custom firmware http://alfie.altervista.org/amod/

probably not vulnerable (error: timed out)

Contributor

enryIT commented Jan 16, 2014

Using this custom firmware http://alfie.altervista.org/amod/

probably not vulnerable (error: timed out)

@elvanderb

This comment has been minimized.

Show comment
Hide comment
@elvanderb

elvanderb Jan 17, 2014

Owner

Thank you :)
Could you do a pull request to add this solution to the list?

Owner

elvanderb commented Jan 17, 2014

Thank you :)
Could you do a pull request to add this solution to the list?

@looscillator

This comment has been minimized.

Show comment
Hide comment
@looscillator

looscillator Jan 26, 2014

Tested poc.py on DGN3500 (LAN Interface, did not test WAN)
affected international firmware versions:

V1.1.00.16_1.00.16
V1.1.00.22_1.00.22
V1.1.00.25_1.00.25
V1.1.00.28_1.00.28
V1.1.00.33_1.00.33

http://kb.netgear.com/app/answers/detail/a_id/2649

looscillator commented Jan 26, 2014

Tested poc.py on DGN3500 (LAN Interface, did not test WAN)
affected international firmware versions:

V1.1.00.16_1.00.16
V1.1.00.22_1.00.22
V1.1.00.25_1.00.25
V1.1.00.28_1.00.28
V1.1.00.33_1.00.33

http://kb.netgear.com/app/answers/detail/a_id/2649

@nremond

This comment has been minimized.

Show comment
Hide comment
@nremond

nremond Feb 3, 2014

Using http://alfie.altervista.org/amod/ fixed it for me. Great firmware.

nremond commented Feb 3, 2014

Using http://alfie.altervista.org/amod/ fixed it for me. Great firmware.

@elvanderb

This comment has been minimized.

Show comment
Hide comment
@elvanderb

elvanderb Feb 3, 2014

Owner

I'll add it to the possible fixes, thanks ;)

Owner

elvanderb commented Feb 3, 2014

I'll add it to the possible fixes, thanks ;)

@enryIT

This comment has been minimized.

Show comment
Hide comment
@enryIT

enryIT Feb 3, 2014

Contributor

already did that 12 days ago :D

Contributor

enryIT commented Feb 3, 2014

already did that 12 days ago :D

@elvanderb

This comment has been minimized.

Show comment
Hide comment
@elvanderb

elvanderb Feb 4, 2014

Owner

This wasn't listed in the possible solutions :)
I'll add your comment in the credits ;)

Owner

elvanderb commented Feb 4, 2014

This wasn't listed in the possible solutions :)
I'll add your comment in the credits ;)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment