Netgear WG602 backdoor

[Si Veteran]

The webinterface which is reachable from both interfaces (LAN/WLAN)

contains an undocumented administrative account which cannot be disabled.

Any user logging in with the username "super" and the password "5777364"

is in complete control of the device.

This vulnerability can be exploited by any person which is able to reach

the webinterface of the device with a webbrowser.

A search on Google revealed that "5777364" is actually the phonenumber

of z-com Taiwan which develops and offers WLAN equipment for its OEM

customers.

Currently it is unknown whether other Vendors are shipping products

based on z-com OEM designs.

http://www.securityfocus.com/archive/1/365069

:|

[trix]

scarry. wouldnt want anybody else messing around with my settings thank god i dount have anetgear or a router yet ^_^

[[idkfa]]

it works, just tried on mine :blink:

[trix]

hehehe gimme your ip :ninja: jk ^_^i just hope they fix this.

[Digital Pimp]

Pretty worrying this sort of thing. I remember there used to be master passwords for bioses too.

Tried this on my newer model Netgear router, and thankfully this doesnt work.

[kennyout]

*hopes to god his D-Link router is not next on list of explotables*

[speedy_kevin]

lol. That's pretty scary.

Then you start thinking, why did z-com build that into his routers :s

[Marshalus Veteran]

Probably for development reasons, and they just forget to remove it before they deployed the software.

Can't you just change the password?

[[idkfa]]

Probably for development reasons, and they just forget to remove it before they deployed the software.

Can't you just change the password?

no, you can't access that username/password in the configuration

[WingZero]

Doesn't work on mine :blink:

All ye WG602v2 users are safe methinks.

[holgr]

They released a new version which requires an other username/password.

New login: superman

New pass: 21241036

Stupid... :blink: :no: :angry:

Source:

http://www.heise.de/newsticker/meldung/48005

[Nathanael]

I'm writing this stuff down now. :shifty:

[holgr]

Yet, patched again: http://www.heise.de/security/news/meldung/48082 (German)

Let's see what's the login/pass this time :D