CVE Vulnerability

CVE-2007-4361

NETGEAR (formerly Infrant) ReadyNAS RAIDiator before 4.00b2-p2-T1 beta creates a default SSH root password derived from the hardware serial number, which makes it easier for remote attackers to guess the password and obtain login access.

10 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

References
Link Resource
http://www.infrant.com/forum/viewtopic.php?t=12249
http://www.infrant.com/forum/viewtopic.php?t=12313
http://www.infrant.com/forum/viewtopic.php?t=3366&start=30
http://www.securityfocus.com/bid/25290 Patch
http://secunia.com/advisories/26442 Patch Vendor Advisory
http://www.osvdb.org/36357
http://securityreason.com/securityalert/3017
https://exchange.xforce.ibmcloud.com/vulnerabilities/36011
http://www.securityfocus.com/archive/1/476266/100/0/threaded
Configurations

Configuration 1

cpe:2.3:h:netgear:readynas_raidiator:3.01c1-p1:*:*:*:*:*:*:*
cpe:2.3:h:netgear:readynas_raidiator:3.01c1-p6:*:*:*:*:*:*:*
Information

Published : 2007-08-15 07:17

Updated : 2018-10-15 09:34

NVD link : CVE-2007-4361

Mitre link : CVE-2007-4361

Products Affected
No products.
CWE
NVD-CWE-Other