New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Vulnerable #44

Closed
SilentT-FR opened this Issue Jan 4, 2014 · 8 comments

Comments

Projects
None yet
4 participants
@SilentT-FR
Contributor

SilentT-FR commented Jan 4, 2014

DG834 V5.01.09 Yes - Via Wan (Internet)
Cisco WAP4410N-E V02 2.0.1.0 Yes - Via Wan (Internet)
Cisco WAP4410N-E V02 2,0,2,1 Yes - Via Wan (Internet)
Cisco WAP4410N-E V02 2.0.3.3 Yes - Via Wan (Internet)
Cisco WAP4410N-E V02 2.0.4.2 Yes - Via Wan (Internet)
Cisco WAP4410N-E V02 2.0.5.3 Yes - Via Wan (Internet)
Cisco WAP4410N-E V02 2.0.6.1 Yes - Via Wan (Internet)
Netgear DGN2000 1.1.1 Yes - Via Wan (Internet)
Netgear DGN2000 1.1.11.0 Yes - Via Wan (Internet)
Netgear DGN2000 1.3.10.0 (North America) Yes - Via Wan (Internet)
Netgear DGN2000 1.3.11.0 (North America) Yes - Via Wan (Internet)
Netgear DGN2000 1.3.12.0 (North America) Yes - Via Wan (Internet)

@elvanderb

This comment has been minimized.

Show comment
Hide comment
@elvanderb

elvanderb Jan 4, 2014

Owner

strange, the Netgear DG834G v5 is not vulnerable...

Thank you for your report :)

Owner

elvanderb commented Jan 4, 2014

strange, the Netgear DG834G v5 is not vulnerable...

Thank you for your report :)

@SilentT-FR

This comment has been minimized.

Show comment
Hide comment
@SilentT-FR

SilentT-FR Jan 5, 2014

Contributor

Le 04/01/2014 15:20, elvanderb a écrit :

strange, the Netgear DG834G v5 is not vulnerable...

Thank you for your report :)


Reply to this email directly or view it on GitHub:
#44 (comment)
c'est le DG834Gv4 firmware V5.01.01 et pas le DGv834Gv5 ^^ desolé de la
confusion le DGv834v5 a un firmware en v6....

Vulnerable aussi:
DG834GV4 firmware V5.01.01, V5.01.09 , V5.01.14, V5.01.16
DG834GV3 firmware V4.01.04
DG834GV2 firmware V3.01.38

sa fonctionne depuis le wan si le pare feu est ouvert ! par defaut tout
est fermer donc bon depuis le wan sa risque rien sauf si les mec ouvre
tout !

Je pensse qu'un jolie tableau serait plus jolie et plus propre :)

Contributor

SilentT-FR commented Jan 5, 2014

Le 04/01/2014 15:20, elvanderb a écrit :

strange, the Netgear DG834G v5 is not vulnerable...

Thank you for your report :)


Reply to this email directly or view it on GitHub:
#44 (comment)
c'est le DG834Gv4 firmware V5.01.01 et pas le DGv834Gv5 ^^ desolé de la
confusion le DGv834v5 a un firmware en v6....

Vulnerable aussi:
DG834GV4 firmware V5.01.01, V5.01.09 , V5.01.14, V5.01.16
DG834GV3 firmware V4.01.04
DG834GV2 firmware V3.01.38

sa fonctionne depuis le wan si le pare feu est ouvert ! par defaut tout
est fermer donc bon depuis le wan sa risque rien sauf si les mec ouvre
tout !

Je pensse qu'un jolie tableau serait plus jolie et plus propre :)

@elvanderb

This comment has been minimized.

Show comment
Hide comment
@elvanderb

elvanderb Jan 5, 2014

Owner

t'es le bienvenu pour le faire ;)

Owner

elvanderb commented Jan 5, 2014

t'es le bienvenu pour le faire ;)

@an3k

This comment has been minimized.

Show comment
Hide comment
@an3k

an3k Jan 20, 2014

Somehow all of my three Cisco WAP4410N-E v02 fw2.0.6.1 are not vulnerable! I used my config (VLAN) and then did a reset to factory defaults but still no open port.

an3k commented Jan 20, 2014

Somehow all of my three Cisco WAP4410N-E v02 fw2.0.6.1 are not vulnerable! I used my config (VLAN) and then did a reset to factory defaults but still no open port.

@elvanderb

This comment has been minimized.

Show comment
Hide comment
@elvanderb

elvanderb Jan 20, 2014

Owner

I'll remove those routers.

Owner

elvanderb commented Jan 20, 2014

I'll remove those routers.

elvanderb added a commit that referenced this issue Jan 20, 2014

@TekBear

This comment has been minimized.

Show comment
Hide comment
@TekBear

TekBear May 10, 2015

@SilentT-FR
looking on Netgear.com (http://downloadcenter.netgear.com/en/product/DG834Gv2#searchResults) I found no information about any release of DG834GV2 firmware V3.01.38 the last release was V3.01.29
Are you sure it was V3.01.38 ?

TekBear commented May 10, 2015

@SilentT-FR
looking on Netgear.com (http://downloadcenter.netgear.com/en/product/DG834Gv2#searchResults) I found no information about any release of DG834GV2 firmware V3.01.38 the last release was V3.01.29
Are you sure it was V3.01.38 ?

@SilentT-FR

This comment has been minimized.

Show comment
Hide comment
@SilentT-FR

SilentT-FR May 11, 2015

Contributor

Sorry is only for the v1 ans UK VERSION http://downloadcenter.netgear.com/en/product/DG834v1#searchResults

Envoyé de mon iPhone

Le 10 mai 2015 à 21:54, Tek Bear notifications@github.com a écrit :

@SilentT-FR
looking on Netgear.com (http://downloadcenter.netgear.com/en/product/DG834Gv2#searchResults) I found no information about any release of DG834GV2 firmware V3.01.38 the last release was V3.01.29
Are you sure it was V3.01.38 ?


Reply to this email directly or view it on GitHub.

Contributor

SilentT-FR commented May 11, 2015

Sorry is only for the v1 ans UK VERSION http://downloadcenter.netgear.com/en/product/DG834v1#searchResults

Envoyé de mon iPhone

Le 10 mai 2015 à 21:54, Tek Bear notifications@github.com a écrit :

@SilentT-FR
looking on Netgear.com (http://downloadcenter.netgear.com/en/product/DG834Gv2#searchResults) I found no information about any release of DG834GV2 firmware V3.01.38 the last release was V3.01.29
Are you sure it was V3.01.38 ?


Reply to this email directly or view it on GitHub.

@TekBear

This comment has been minimized.

Show comment
Hide comment
@TekBear

TekBear May 13, 2015

@SilentT-FR I looked at the file http://downloadcenter.netgear.com/en/product/DG834v1#searchResults
and grabbed the file. It mixes v1 and v2 this is confusing.

"DG834 and DG834G Firmware Version 3.01.38 (for use in UK only).zip" contains:

  • "ReleaseNotes_DG834v1_fw_3.01.38.html" (text only mentions base DG834 model)
  • "dg834v2_dg834gv2_3_01_38_uk_only.zip" (contains "DG834GV2_V3.01.38.img")

Can anyone confirm it is for "v1" model the "img" file implies for "v2" UK model

TekBear commented May 13, 2015

@SilentT-FR I looked at the file http://downloadcenter.netgear.com/en/product/DG834v1#searchResults
and grabbed the file. It mixes v1 and v2 this is confusing.

"DG834 and DG834G Firmware Version 3.01.38 (for use in UK only).zip" contains:

  • "ReleaseNotes_DG834v1_fw_3.01.38.html" (text only mentions base DG834 model)
  • "dg834v2_dg834gv2_3_01_38_uk_only.zip" (contains "DG834GV2_V3.01.38.img")

Can anyone confirm it is for "v1" model the "img" file implies for "v2" UK model

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment