Search criteria
12 vulnerabilities found for rp114 by netgear
VAR-200212-0249
Vulnerability from variot - Updated: 2025-04-03 22:36Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26 uses a default administrator password and accepts admin logins on the external interface, which allows remote attackers to gain privileges if the password is not changed. NetGear RP114 router can access management through TELNET and HTTP.
The NetGear RP114 router has a vulnerability in restricting management interface access processing. A remote attacker could use this vulnerability to externally access the management interface services.
The NetGear RP114 router sets the 192.168.0.1 IP address as a local access address. All access restrictions on management tools are only accessible by this address, but there are loopholes. The NetGear RP114 router receives all communications with an IP address in the range of 192.168.xx. If the user has authentication information, he can access the management tool from the external interface for reconfiguration or conduct illegal activities such as denial of service attacks. However, there is a loophole
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200212-0249",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rp114",
"scope": "eq",
"trust": 1.9,
"vendor": "netgear",
"version": "3.26"
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "none",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-2888"
},
{
"db": "BID",
"id": "5036"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-369"
},
{
"db": "NVD",
"id": "CVE-2002-2020"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "auto353237@hushmail.com\u203b\u003eauto353237@hushmail.com\u003c/a\u003e\u203b auto353237@hushmail.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-369"
}
],
"trust": 0.6
},
"cve": "CVE-2002-2020",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2002-2020",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-6403",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2002-2020",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200212-369",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-6403",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6403"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-369"
},
{
"db": "NVD",
"id": "CVE-2002-2020"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26 uses a default administrator password and accepts admin logins on the external interface, which allows remote attackers to gain privileges if the password is not changed. NetGear RP114 router can access management through TELNET and HTTP. \n\n\u00a0The NetGear RP114 router has a vulnerability in restricting management interface access processing. A remote attacker could use this vulnerability to externally access the management interface services. \n\n\u00a0The NetGear RP114 router sets the 192.168.0.1 IP address as a local access address. All access restrictions on management tools are only accessible by this address, but there are loopholes. The NetGear RP114 router receives all communications with an IP address in the range of 192.168.xx. If the user has authentication information, he can access the management tool from the external interface for reconfiguration or conduct illegal activities such as denial of service attacks. However, there is a loophole",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2020"
},
{
"db": "CNVD",
"id": "CNVD-2002-2888"
},
{
"db": "BID",
"id": "5036"
},
{
"db": "VULHUB",
"id": "VHN-6403"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2002-2020",
"trust": 2.3
},
{
"db": "BID",
"id": "5036",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200212-369",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2002-2888",
"trust": 0.6
},
{
"db": "XF",
"id": "9371",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20020617 EXTERNAL ACCESS TO NETGEAR RP114 \"FIREWALL\"",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "3016",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-6403",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-2888"
},
{
"db": "VULHUB",
"id": "VHN-6403"
},
{
"db": "BID",
"id": "5036"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-369"
},
{
"db": "NVD",
"id": "CVE-2002-2020"
}
]
},
"id": "VAR-200212-0249",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-6403"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:36:22.867000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2020"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/5036"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-06/0177.html"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/9371.php"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/3016"
},
{
"trust": 0.3,
"url": "http://www.netgear.com/product_view.asp?xrp=4\u0026yrp=12\u0026zrp=93"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6403"
},
{
"db": "BID",
"id": "5036"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-369"
},
{
"db": "NVD",
"id": "CVE-2002-2020"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2002-2888"
},
{
"db": "VULHUB",
"id": "VHN-6403"
},
{
"db": "BID",
"id": "5036"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-369"
},
{
"db": "NVD",
"id": "CVE-2002-2020"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-06-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2002-2888"
},
{
"date": "2002-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-6403"
},
{
"date": "2002-06-17T00:00:00",
"db": "BID",
"id": "5036"
},
{
"date": "2002-06-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-369"
},
{
"date": "2002-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2002-2020"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-06-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2002-2888"
},
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-6403"
},
{
"date": "2002-06-17T00:00:00",
"db": "BID",
"id": "5036"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-369"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2002-2020"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-369"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NetGear RP114 manages access vulnerability through external interface",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-2888"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access verification error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-369"
}
],
"trust": 0.6
}
}
VAR-200203-0075
Vulnerability from variot - Updated: 2025-04-03 22:24Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26, when configured to block traffic below port 1024, allows remote attackers to cause a denial of service (hang) via a port scan of the WAN port. The Netgear RP114 Cable / DSL Web Safe router allows some users to share cable / DSL connections and provides address translation capabilities. A similar situation may occur in other configuration situations, and it may be the problem for all routers with firmware versions earlier than 3.26. All incoming/outgoing communication across the WAN port will cease for the duration of the port scan. This condition has reportedly also been reproduced with other configurations. This issue may affect firmware releases other than v3.26. < Link: http://archives.neohapsis.com/archives/bugtraq/2002-01/0183.html >
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200203-0075",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rp114",
"scope": "eq",
"trust": 1.9,
"vendor": "netgear",
"version": "3.26"
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "none",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-0071"
},
{
"db": "BID",
"id": "3876"
},
{
"db": "CNNVD",
"id": "CNNVD-200203-085"
},
{
"db": "NVD",
"id": "CVE-2002-0127"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This vulnerability was submitted to BugTraq on January 15th, 2002 by \"Omkhar Arasaratnam\" \u003comkhar@rogers.com\u003e.",
"sources": [
{
"db": "BID",
"id": "3876"
}
],
"trust": 0.3
},
"cve": "CVE-2002-0127",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2002-0127",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-4522",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2002-0127",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200203-085",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-4522",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4522"
},
{
"db": "CNNVD",
"id": "CNNVD-200203-085"
},
{
"db": "NVD",
"id": "CVE-2002-0127"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26, when configured to block traffic below port 1024, allows remote attackers to cause a denial of service (hang) via a port scan of the WAN port. The Netgear RP114 Cable / DSL Web Safe router allows some users to share cable / DSL connections and provides address translation capabilities. A similar situation may occur in other configuration situations, and it may be the problem for all routers with firmware versions earlier than 3.26. All incoming/outgoing communication across the WAN port will cease for the duration of the port scan. \nThis condition has reportedly also been reproduced with other configurations. This issue may affect firmware releases other than v3.26. \u003c *Link: http://archives.neohapsis.com/archives/bugtraq/2002-01/0183.html* \u003e",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0127"
},
{
"db": "CNVD",
"id": "CNVD-2002-0071"
},
{
"db": "BID",
"id": "3876"
},
{
"db": "VULHUB",
"id": "VHN-4522"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2002-0127",
"trust": 2.6
},
{
"db": "BID",
"id": "3876",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200203-085",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2002-0071",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20020115 VULNERABILITY NETGEAR RP-114 ROUTER - NMAP CAUSES DOS",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-4522",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-0071"
},
{
"db": "VULHUB",
"id": "VHN-4522"
},
{
"db": "BID",
"id": "3876"
},
{
"db": "CNNVD",
"id": "CNNVD-200203-085"
},
{
"db": "NVD",
"id": "CVE-2002-0127"
}
]
},
"id": "VAR-200203-0075",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-4522"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:24:16.480000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0127"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/3876"
},
{
"trust": 1.7,
"url": "http://online.securityfocus.com/archive/1/250405"
},
{
"trust": 0.3,
"url": "http://www.netgear.com/product_view.asp?xrp=4\u0026yrp=12\u0026zrp=93"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4522"
},
{
"db": "BID",
"id": "3876"
},
{
"db": "CNNVD",
"id": "CNNVD-200203-085"
},
{
"db": "NVD",
"id": "CVE-2002-0127"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2002-0071"
},
{
"db": "VULHUB",
"id": "VHN-4522"
},
{
"db": "BID",
"id": "3876"
},
{
"db": "CNNVD",
"id": "CNNVD-200203-085"
},
{
"db": "NVD",
"id": "CVE-2002-0127"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-01-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2002-0071"
},
{
"date": "2002-03-25T00:00:00",
"db": "VULHUB",
"id": "VHN-4522"
},
{
"date": "2002-01-15T00:00:00",
"db": "BID",
"id": "3876"
},
{
"date": "2002-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200203-085"
},
{
"date": "2002-03-25T05:00:00",
"db": "NVD",
"id": "CVE-2002-0127"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-01-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2002-0071"
},
{
"date": "2008-11-04T00:00:00",
"db": "VULHUB",
"id": "VHN-4522"
},
{
"date": "2009-07-11T09:56:00",
"db": "BID",
"id": "3876"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200203-085"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2002-0127"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200203-085"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NetGear RP114 Router WAN Interface Remote Denial of Service Attack Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-0071"
},
{
"db": "CNNVD",
"id": "CNNVD-200203-085"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200203-085"
}
],
"trust": 0.6
}
}
VAR-200405-0038
Vulnerability from variot - Updated: 2025-04-03 22:21Netgear RP114 allows remote attackers to bypass the keyword based URL filtering by requesting a long URL, as demonstrated using a large number of %20 (hex-encoded space) sequences. NetGear RP114 router can access management through TELNET and HTTP.
NetGear RP114 router content filtering problem, remote attackers can use this vulnerability to access restricted resources.
If the URI string requested by the user exceeds 220 bytes, the content filtering function of NetGear RP114 can be bypassed. This problem can cause administrators to ignore some security. This vulnerability may result in a false sense of security for a network administrator, where a malicious website is believed to be unreachable. In reality any host may contact blacklisted websites. D-Link DIR-100 long url filter evasion
scip AG Vulnerability ID 3808 (09/08/2008) http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=3808
I. INTRODUCTION
D-Link DIR-100 is a small and cost-effective router and firewall device for small offices and home users. More details are available at the official product web site (German link):
http://www.dlink.de/?go=gNTyP9CgrdFOIC4AStFCF834mptYKO9ZTdvhLPG3yV3oV492gqltbNlwaaFp6DQoHDrpxC5H+40AAdvl
II. DESCRIPTION
Marc Ruef at scip AG found a possibility to evade url filters of the web proxy to prevent access to web sites.
An attacker might add a very long string to the url to access web resources althought their access is forbidden.
This problem could be verified in all firmware versions up to v1.12.
A similar vulnerability was already detected years ago in a similar device Netgear RP114. [1, 2]
III. EXPLOITATION
It is possible to exploit the vulnerability with a common web browser by using a long url (approx. 1'300 chars). You can expand the length of the url by adding a non-used http get request parameter. Example url:
http://www.scip.ch/?foo=aaa(...)
A video illustrating this issue is available at the following url:
http://de.youtube.com/watch?v=WTzPn37XNl4
The Attack Tool Kit (ATK)[3] is able to exploit this vulnerability with the following generic ASL code (expand the long URL request):
open|send GET http://www.scip.ch/?foo=aaa(...)
HTTP/1.0\n\n|sleep|close|pattern_not_exists This URL is blocked by administrator !
IV.
V. DETECTION
Detection of web based attacks requires a specialized web proxy and/or intrusion detection system. Patterns for such a detection are available and easy to implement.
VI. SOLUTION
We have informed D-Link on an early stage. Our technical requests were not answered nor confirmed. Therefore, not official statement, patch or upgrade is available.
We suggest the use of another device for filtering forbidden web resources successfully.
VII. VENDOR RESPONSE
D-Link has been informed first via the unhandy web form at http://www.dlink.com (no public mail address for such cases could be found). The first responses claimed that the problem must be within a wrong configuration setting. Further discussions were initiated.
The support was not able to understand the problem. Not even after several step-by-step guides and examples. They always suggest I have to upgrade to the latest firmware and they could not verify the problem. Therefore, no official solution, workaround or patch is available.
VIII. SOURCES
scip AG - Security Consulting Information Process (german) http://www.scip.ch/
scip AG Vulnerability Database (german) http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=3808
computec.ch document data base (german) http://www.computec.ch/download.php
IX. DISCLOSURE TIMELINE
2008/07/25 Identification of the vulnerability by Marc Ruef 2008/07/28 First information to D-Link via web form 2008/07/28 First reply by D-Link support via support@service.dlink.biz (ticket id 1375981) 2008/07/29 Providing our config for further analysis 2008/08/06 Request for actual status (no reply) 2008/08/29 Another request for actual status 2008/08/29 Response could not verify the problem 2008/09/01 Detailed explanation of the exploitation 2008/09/01 Responder could still not understand the problem 2008/09/08 Public disclosure of the advisory
X. CREDITS
The vulnerability was discovered by Marc Ruef.
Marc Ruef, scip AG, Zuerich, Switzerland
maru-at-scip.ch
http://www.scip.ch/
A1. BIBLIOGRAPHY
[1] http://www.securityfocus.com/bid/10404 [2] http://seclists.org/bugtraq/2004/May/0263.html [3] http://www.computec.ch/projekte/atk/
A2. LEGAL NOTICES
Copyright (c) 2007-2008 scip AG, Switzerland.
Permission is granted for the re-distribution of this alert. It may not be edited in any way without permission of scip AG.
The information in the advisory is believed to be accurate at the time of publishing based on currently available information. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect or consequential loss or damage from use of or reliance on this advisory
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200405-0038",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rp114",
"scope": "eq",
"trust": 1.9,
"vendor": "netgear",
"version": "3.26"
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "none",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2004-1507"
},
{
"db": "BID",
"id": "10404"
},
{
"db": "CNNVD",
"id": "CNNVD-200405-059"
},
{
"db": "NVD",
"id": "CVE-2004-2032"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Marc Ruef\u203b marc.ruef@computec.ch",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200405-059"
}
],
"trust": 0.6
},
"cve": "CVE-2004-2032",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2004-2032",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-10460",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2004-2032",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200405-059",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-10460",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10460"
},
{
"db": "CNNVD",
"id": "CNNVD-200405-059"
},
{
"db": "NVD",
"id": "CVE-2004-2032"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear RP114 allows remote attackers to bypass the keyword based URL filtering by requesting a long URL, as demonstrated using a large number of %20 (hex-encoded space) sequences. NetGear RP114 router can access management through TELNET and HTTP. \n\n\u00a0NetGear RP114 router content filtering problem, remote attackers can use this vulnerability to access restricted resources. \n\n\u00a0If the URI string requested by the user exceeds 220 bytes, the content filtering function of NetGear RP114 can be bypassed. This problem can cause administrators to ignore some security. \nThis vulnerability may result in a false sense of security for a network administrator, where a malicious website is believed to be unreachable. In reality any host may contact blacklisted websites. D-Link DIR-100 long url filter evasion\n\nscip AG Vulnerability ID 3808 (09/08/2008)\nhttp://www.scip.ch/cgi-bin/smss/showadvf.pl?id=3808\n\nI. INTRODUCTION\n\nD-Link DIR-100 is a small and cost-effective router and firewall device\nfor small offices and home users. More details are available at the\nofficial product web site (German link):\n\n\nhttp://www.dlink.de/?go=gNTyP9CgrdFOIC4AStFCF834mptYKO9ZTdvhLPG3yV3oV492gqltbNlwaaFp6DQoHDrpxC5H+40AAdvl\n\nII. DESCRIPTION\n\nMarc Ruef at scip AG found a possibility to evade url filters of the web\nproxy to prevent access to web sites. \n\nAn attacker might add a very long string to the url to access web\nresources althought their access is forbidden. \n\nThis problem could be verified in all firmware versions up to v1.12. \n\nA similar vulnerability was already detected years ago in a similar\ndevice Netgear RP114. [1, 2]\n\nIII. EXPLOITATION\n\nIt is possible to exploit the vulnerability with a common web browser by\nusing a long url (approx. 1\u0027300 chars). You can expand the length of the\nurl by adding a non-used http get request parameter. Example url:\n\n http://www.scip.ch/?foo=aaa(...)\n\nA video illustrating this issue is available at the following url:\n\n http://de.youtube.com/watch?v=WTzPn37XNl4\n\nThe Attack Tool Kit (ATK)[3] is able to exploit this vulnerability with\nthe following generic ASL code (expand the long URL request):\n\n open|send GET http://www.scip.ch/?foo=aaa(...)\nHTTP/1.0\\n\\n|sleep|close|pattern_not_exists *This URL is \u003cfont\ncolor=red\u003eblocked\u003c/font\u003e by administrator !*\n\nIV. \n\nV. DETECTION\n\nDetection of web based attacks requires a specialized web proxy and/or\nintrusion detection system. Patterns for such a detection are available\nand easy to implement. \n\nVI. SOLUTION\n\nWe have informed D-Link on an early stage. Our technical requests were\nnot answered nor confirmed. Therefore, not official statement, patch or\nupgrade is available. \n\nWe suggest the use of another device for filtering forbidden web\nresources successfully. \n\nVII. VENDOR RESPONSE\n\nD-Link has been informed first via the unhandy web form at\nhttp://www.dlink.com (no public mail address for such cases could be\nfound). The first responses claimed that the problem must be within a\nwrong configuration setting. Further discussions were initiated. \n\nThe support was not able to understand the problem. Not even after\nseveral step-by-step guides and examples. They always suggest I have to\nupgrade to the latest firmware and they could not verify the problem. \nTherefore, no official solution, workaround or patch is available. \n\nVIII. SOURCES\n\nscip AG - Security Consulting Information Process (german)\nhttp://www.scip.ch/\n\nscip AG Vulnerability Database (german)\nhttp://www.scip.ch/cgi-bin/smss/showadvf.pl?id=3808\n\ncomputec.ch document data base (german)\nhttp://www.computec.ch/download.php\n\nIX. DISCLOSURE TIMELINE\n\n2008/07/25 Identification of the vulnerability by Marc Ruef\n2008/07/28 First information to D-Link via web form\n2008/07/28 First reply by D-Link support via support@service.dlink.biz\n(ticket id 1375981)\n2008/07/29 Providing our config for further analysis\n2008/08/06 Request for actual status (no reply)\n2008/08/29 Another request for actual status\n2008/08/29 Response could not verify the problem\n2008/09/01 Detailed explanation of the exploitation\n2008/09/01 Responder could still not understand the problem\n2008/09/08 Public disclosure of the advisory\n\nX. CREDITS\n\nThe vulnerability was discovered by Marc Ruef. \n\n Marc Ruef, scip AG, Zuerich, Switzerland\n maru-at-scip.ch\n http://www.scip.ch/\n\nA1. BIBLIOGRAPHY\n\n[1] http://www.securityfocus.com/bid/10404\n[2] http://seclists.org/bugtraq/2004/May/0263.html\n[3] http://www.computec.ch/projekte/atk/\n\nA2. LEGAL NOTICES\n\nCopyright (c) 2007-2008 scip AG, Switzerland. \n\nPermission is granted for the re-distribution of this alert. It may not\nbe edited in any way without permission of scip AG. \n\nThe information in the advisory is believed to be accurate at the time\nof publishing based on currently available information. There are no\nwarranties with regard to this information. Neither the author nor the\npublisher accepts any liability for any direct, indirect or\nconsequential loss or damage from use of or reliance on this advisory",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2032"
},
{
"db": "CNVD",
"id": "CNVD-2004-1507"
},
{
"db": "BID",
"id": "10404"
},
{
"db": "VULHUB",
"id": "VHN-10460"
},
{
"db": "PACKETSTORM",
"id": "69733"
}
],
"trust": 1.89
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-10460",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10460"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2004-2032",
"trust": 2.3
},
{
"db": "BID",
"id": "10404",
"trust": 2.1
},
{
"db": "OSVDB",
"id": "6411",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "11698",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200405-059",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2004-1507",
"trust": 0.6
},
{
"db": "XF",
"id": "114",
"trust": 0.6
},
{
"db": "XF",
"id": "16238",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20040524 NETGEAR RP114 URL FILTER FAILS IF URL IS TOO LONG",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "24140",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-77875",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-10460",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "69733",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2004-1507"
},
{
"db": "VULHUB",
"id": "VHN-10460"
},
{
"db": "BID",
"id": "10404"
},
{
"db": "PACKETSTORM",
"id": "69733"
},
{
"db": "CNNVD",
"id": "CNNVD-200405-059"
},
{
"db": "NVD",
"id": "CVE-2004-2032"
}
]
},
"id": "VAR-200405-0038",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-10460"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:21:56.023000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2032"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/10404"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/6411"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/11698"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16238"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=108541203427391\u0026w=2"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/16238"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=108541203427391\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.netgear.com/"
},
{
"trust": 0.3,
"url": "http://www.netgear.com/product_view.asp?xrp=4\u0026yrp=12\u0026zrp=93"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=108541203427391\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://de.youtube.com/watch?v=wtzpn37xnl4"
},
{
"trust": 0.1,
"url": "http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=3808"
},
{
"trust": 0.1,
"url": "http://www.dlink.com"
},
{
"trust": 0.1,
"url": "http://www.computec.ch/projekte/atk/"
},
{
"trust": 0.1,
"url": "http://www.dlink.de/?go=gntyp9cgrdfoic4astfcf834mptyko9ztdvhlpg3yv3ov492gqltbnlwaafp6dqohdrpxc5h+40aadvl"
},
{
"trust": 0.1,
"url": "http://www.computec.ch/download.php"
},
{
"trust": 0.1,
"url": "http://www.scip.ch/"
},
{
"trust": 0.1,
"url": "http://seclists.org/bugtraq/2004/may/0263.html"
},
{
"trust": 0.1,
"url": "http://www.scip.ch/?foo=aaa(...)"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10460"
},
{
"db": "BID",
"id": "10404"
},
{
"db": "PACKETSTORM",
"id": "69733"
},
{
"db": "CNNVD",
"id": "CNNVD-200405-059"
},
{
"db": "NVD",
"id": "CVE-2004-2032"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2004-1507"
},
{
"db": "VULHUB",
"id": "VHN-10460"
},
{
"db": "BID",
"id": "10404"
},
{
"db": "PACKETSTORM",
"id": "69733"
},
{
"db": "CNNVD",
"id": "CNNVD-200405-059"
},
{
"db": "NVD",
"id": "CVE-2004-2032"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-05-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2004-1507"
},
{
"date": "2004-05-24T00:00:00",
"db": "VULHUB",
"id": "VHN-10460"
},
{
"date": "2004-05-24T00:00:00",
"db": "BID",
"id": "10404"
},
{
"date": "2008-09-08T15:23:16",
"db": "PACKETSTORM",
"id": "69733"
},
{
"date": "2004-05-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200405-059"
},
{
"date": "2004-05-24T04:00:00",
"db": "NVD",
"id": "CVE-2004-2032"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-05-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2004-1507"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-10460"
},
{
"date": "2004-05-24T00:00:00",
"db": "BID",
"id": "10404"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200405-059"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2004-2032"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200405-059"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear RP114 content filtering bypasses vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2004-1507"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200405-059"
}
],
"trust": 0.6
}
}
VAR-200512-0229
Vulnerability from variot - Updated: 2025-04-03 22:21Netgear RP114, and possibly other versions and devices, allows remote attackers to cause a denial of service via a SYN flood attack between one system on the internal interface and another on the external interface, which temporarily stops routing between the interfaces, as demonstrated using nmap. NetGear RP114 is a broadband access router suitable for various lines and various access methods.
NetGear RP114 has vulnerabilities in handling a large amount of malicious network traffic, causing the device to malfunction. The NetGear RP114 device is prone to a denial of service vulnerability. This issue allows attackers to block network traffic to arbitrarily targeted network services, effectively denying service to legitimate users of the device
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200512-0229",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rp114",
"scope": "eq",
"trust": 1.9,
"vendor": "netgear",
"version": "3.26"
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "none",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2005-4791"
},
{
"db": "BID",
"id": "15816"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-258"
},
{
"db": "NVD",
"id": "CVE-2005-4220"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Marc Ruef marc.ruef@computec.ch",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-258"
}
],
"trust": 0.6
},
"cve": "CVE-2005-4220",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2005-4220",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-15428",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2005-4220",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200512-258",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-15428",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-15428"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-258"
},
{
"db": "NVD",
"id": "CVE-2005-4220"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear RP114, and possibly other versions and devices, allows remote attackers to cause a denial of service via a SYN flood attack between one system on the internal interface and another on the external interface, which temporarily stops routing between the interfaces, as demonstrated using nmap. NetGear RP114 is a broadband access router suitable for various lines and various access methods. \n\n\u00a0NetGear RP114 has vulnerabilities in handling a large amount of malicious network traffic, causing the device to malfunction. The NetGear RP114 device is prone to a denial of service vulnerability. \nThis issue allows attackers to block network traffic to arbitrarily targeted network services, effectively denying service to legitimate users of the device",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-4220"
},
{
"db": "CNVD",
"id": "CNVD-2005-4791"
},
{
"db": "BID",
"id": "15816"
},
{
"db": "VULHUB",
"id": "VHN-15428"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-4220",
"trust": 2.3
},
{
"db": "BID",
"id": "15816",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "11698",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200512-258",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2005-4791",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20051212 [SCIP_ADVISORY] NETGEAR RP114 FLOODING DENIAL OF SERVICE",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20051212 RE: [FULL-DISCLOSURE] [SCIP_ADVISORY] NETGEAR RP114 FLOODING DENIAL OFSERVICE",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20051213 RE: [SCIP_ADVISORY] NETGEAR RP114 FLOODING DENIAL OF SERVICE",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-15428",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2005-4791"
},
{
"db": "VULHUB",
"id": "VHN-15428"
},
{
"db": "BID",
"id": "15816"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-258"
},
{
"db": "NVD",
"id": "CVE-2005-4220"
}
]
},
"id": "VAR-200512-0229",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-15428"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:21:55.993000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-15428"
},
{
"db": "NVD",
"id": "CVE-2005-4220"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/15816"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/11698/"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/419244/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/419243/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/419485/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/419485/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/419244/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/419243/100/0/threaded"
},
{
"trust": 0.3,
"url": "http://www.netgear.com/"
},
{
"trust": 0.3,
"url": "http://www.netgear.com/product_view.asp?xrp=4\u0026yrp=12\u0026zrp=93"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-15428"
},
{
"db": "BID",
"id": "15816"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-258"
},
{
"db": "NVD",
"id": "CVE-2005-4220"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2005-4791"
},
{
"db": "VULHUB",
"id": "VHN-15428"
},
{
"db": "BID",
"id": "15816"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-258"
},
{
"db": "NVD",
"id": "CVE-2005-4220"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-12-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2005-4791"
},
{
"date": "2005-12-14T00:00:00",
"db": "VULHUB",
"id": "VHN-15428"
},
{
"date": "2005-12-12T00:00:00",
"db": "BID",
"id": "15816"
},
{
"date": "2005-12-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-258"
},
{
"date": "2005-12-14T11:03:00",
"db": "NVD",
"id": "CVE-2005-4220"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-12-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2005-4791"
},
{
"date": "2018-10-19T00:00:00",
"db": "VULHUB",
"id": "VHN-15428"
},
{
"date": "2005-12-12T00:00:00",
"db": "BID",
"id": "15816"
},
{
"date": "2007-03-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-258"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2005-4220"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-258"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NetGear RP114 SYN Flood Denial of Service Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2005-4791"
},
{
"db": "BID",
"id": "15816"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-258"
}
],
"trust": 1.5
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-258"
}
],
"trust": 0.6
}
}
CVE-2005-4220 (GCVE-0-2005-4220)
Vulnerability from nvd – Published: 2005-12-14 11:00 – Updated: 2024-08-07 23:38
VLAI?
Summary
Netgear RP114, and possibly other versions and devices, allows remote attackers to cause a denial of service via a SYN flood attack between one system on the internal interface and another on the external interface, which temporarily stops routing between the interfaces, as demonstrated using nmap.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:38:51.588Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20051212 Re: [Full-disclosure] [scip_Advisory] NetGear RP114 Flooding Denial ofService",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/419244/100/0/threaded"
},
{
"name": "15816",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15816"
},
{
"name": "20051212 [scip_Advisory] NetGear RP114 Flooding Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/419243/100/0/threaded"
},
{
"name": "20051213 Re: [scip_Advisory] NetGear RP114 Flooding Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/419485/100/0/threaded"
},
{
"name": "11698",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11698/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-12-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netgear RP114, and possibly other versions and devices, allows remote attackers to cause a denial of service via a SYN flood attack between one system on the internal interface and another on the external interface, which temporarily stops routing between the interfaces, as demonstrated using nmap."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20051212 Re: [Full-disclosure] [scip_Advisory] NetGear RP114 Flooding Denial ofService",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/419244/100/0/threaded"
},
{
"name": "15816",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15816"
},
{
"name": "20051212 [scip_Advisory] NetGear RP114 Flooding Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/419243/100/0/threaded"
},
{
"name": "20051213 Re: [scip_Advisory] NetGear RP114 Flooding Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/419485/100/0/threaded"
},
{
"name": "11698",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11698/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4220",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netgear RP114, and possibly other versions and devices, allows remote attackers to cause a denial of service via a SYN flood attack between one system on the internal interface and another on the external interface, which temporarily stops routing between the interfaces, as demonstrated using nmap."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20051212 Re: [Full-disclosure] [scip_Advisory] NetGear RP114 Flooding Denial ofService",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/419244/100/0/threaded"
},
{
"name": "15816",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15816"
},
{
"name": "20051212 [scip_Advisory] NetGear RP114 Flooding Denial of Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/419243/100/0/threaded"
},
{
"name": "20051213 Re: [scip_Advisory] NetGear RP114 Flooding Denial of Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/419485/100/0/threaded"
},
{
"name": "11698",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11698/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4220",
"datePublished": "2005-12-14T11:00:00",
"dateReserved": "2005-12-14T00:00:00",
"dateUpdated": "2024-08-07T23:38:51.588Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2032 (GCVE-0-2004-2032)
Vulnerability from nvd – Published: 2005-05-10 04:00 – Updated: 2024-08-08 01:15
VLAI?
Summary
Netgear RP114 allows remote attackers to bypass the keyword based URL filtering by requesting a long URL, as demonstrated using a large number of %20 (hex-encoded space) sequences.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:15:01.095Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "11698",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11698"
},
{
"name": "20040524 Netgear RP114 URL filter fails if URL is too long",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108541203427391\u0026w=2"
},
{
"name": "6411",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/6411"
},
{
"name": "netgearrp114-long-url-filter-bypass(16238)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16238"
},
{
"name": "10404",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10404"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-05-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netgear RP114 allows remote attackers to bypass the keyword based URL filtering by requesting a long URL, as demonstrated using a large number of %20 (hex-encoded space) sequences."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "11698",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11698"
},
{
"name": "20040524 Netgear RP114 URL filter fails if URL is too long",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108541203427391\u0026w=2"
},
{
"name": "6411",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/6411"
},
{
"name": "netgearrp114-long-url-filter-bypass(16238)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16238"
},
{
"name": "10404",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10404"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2032",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netgear RP114 allows remote attackers to bypass the keyword based URL filtering by requesting a long URL, as demonstrated using a large number of %20 (hex-encoded space) sequences."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "11698",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11698"
},
{
"name": "20040524 Netgear RP114 URL filter fails if URL is too long",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108541203427391\u0026w=2"
},
{
"name": "6411",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/6411"
},
{
"name": "netgearrp114-long-url-filter-bypass(16238)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16238"
},
{
"name": "10404",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10404"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2032",
"datePublished": "2005-05-10T04:00:00",
"dateReserved": "2005-05-04T00:00:00",
"dateUpdated": "2024-08-08T01:15:01.095Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2020 (GCVE-0-2002-2020)
Vulnerability from nvd – Published: 2005-07-14 04:00 – Updated: 2024-09-16 17:54
VLAI?
Summary
Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26 uses a default administrator password and accepts admin logins on the external interface, which allows remote attackers to gain privileges if the password is not changed.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:51:16.631Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5036",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5036"
},
{
"name": "20020617 External access to Netgear RP114 \"firewall\"",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-06/0177.html"
},
{
"name": "netgear-default-external-access(9371)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9371.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26 uses a default administrator password and accepts admin logins on the external interface, which allows remote attackers to gain privileges if the password is not changed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-07-14T04:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5036",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5036"
},
{
"name": "20020617 External access to Netgear RP114 \"firewall\"",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-06/0177.html"
},
{
"name": "netgear-default-external-access(9371)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9371.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2020",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26 uses a default administrator password and accepts admin logins on the external interface, which allows remote attackers to gain privileges if the password is not changed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5036",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5036"
},
{
"name": "20020617 External access to Netgear RP114 \"firewall\"",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-06/0177.html"
},
{
"name": "netgear-default-external-access(9371)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9371.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2020",
"datePublished": "2005-07-14T04:00:00Z",
"dateReserved": "2005-07-14T00:00:00Z",
"dateUpdated": "2024-09-16T17:54:06.772Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0127 (GCVE-0-2002-0127)
Vulnerability from nvd – Published: 2002-03-15 05:00 – Updated: 2024-08-08 02:35
VLAI?
Summary
Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26, when configured to block traffic below port 1024, allows remote attackers to cause a denial of service (hang) via a port scan of the WAN port.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:35:17.610Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3876",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3876"
},
{
"name": "20020115 Vulnerability Netgear RP-114 Router - nmap causes DOS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/250405"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-01-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26, when configured to block traffic below port 1024, allows remote attackers to cause a denial of service (hang) via a port scan of the WAN port."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-03-22T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3876",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3876"
},
{
"name": "20020115 Vulnerability Netgear RP-114 Router - nmap causes DOS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/250405"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0127",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26, when configured to block traffic below port 1024, allows remote attackers to cause a denial of service (hang) via a port scan of the WAN port."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3876",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3876"
},
{
"name": "20020115 Vulnerability Netgear RP-114 Router - nmap causes DOS",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/250405"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0127",
"datePublished": "2002-03-15T05:00:00",
"dateReserved": "2002-03-15T00:00:00",
"dateUpdated": "2024-08-08T02:35:17.610Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4220 (GCVE-0-2005-4220)
Vulnerability from cvelistv5 – Published: 2005-12-14 11:00 – Updated: 2024-08-07 23:38
VLAI?
Summary
Netgear RP114, and possibly other versions and devices, allows remote attackers to cause a denial of service via a SYN flood attack between one system on the internal interface and another on the external interface, which temporarily stops routing between the interfaces, as demonstrated using nmap.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:38:51.588Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20051212 Re: [Full-disclosure] [scip_Advisory] NetGear RP114 Flooding Denial ofService",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/419244/100/0/threaded"
},
{
"name": "15816",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15816"
},
{
"name": "20051212 [scip_Advisory] NetGear RP114 Flooding Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/419243/100/0/threaded"
},
{
"name": "20051213 Re: [scip_Advisory] NetGear RP114 Flooding Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/419485/100/0/threaded"
},
{
"name": "11698",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11698/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-12-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netgear RP114, and possibly other versions and devices, allows remote attackers to cause a denial of service via a SYN flood attack between one system on the internal interface and another on the external interface, which temporarily stops routing between the interfaces, as demonstrated using nmap."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20051212 Re: [Full-disclosure] [scip_Advisory] NetGear RP114 Flooding Denial ofService",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/419244/100/0/threaded"
},
{
"name": "15816",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15816"
},
{
"name": "20051212 [scip_Advisory] NetGear RP114 Flooding Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/419243/100/0/threaded"
},
{
"name": "20051213 Re: [scip_Advisory] NetGear RP114 Flooding Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/419485/100/0/threaded"
},
{
"name": "11698",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11698/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4220",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netgear RP114, and possibly other versions and devices, allows remote attackers to cause a denial of service via a SYN flood attack between one system on the internal interface and another on the external interface, which temporarily stops routing between the interfaces, as demonstrated using nmap."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20051212 Re: [Full-disclosure] [scip_Advisory] NetGear RP114 Flooding Denial ofService",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/419244/100/0/threaded"
},
{
"name": "15816",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15816"
},
{
"name": "20051212 [scip_Advisory] NetGear RP114 Flooding Denial of Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/419243/100/0/threaded"
},
{
"name": "20051213 Re: [scip_Advisory] NetGear RP114 Flooding Denial of Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/419485/100/0/threaded"
},
{
"name": "11698",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11698/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4220",
"datePublished": "2005-12-14T11:00:00",
"dateReserved": "2005-12-14T00:00:00",
"dateUpdated": "2024-08-07T23:38:51.588Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2020 (GCVE-0-2002-2020)
Vulnerability from cvelistv5 – Published: 2005-07-14 04:00 – Updated: 2024-09-16 17:54
VLAI?
Summary
Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26 uses a default administrator password and accepts admin logins on the external interface, which allows remote attackers to gain privileges if the password is not changed.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:51:16.631Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5036",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5036"
},
{
"name": "20020617 External access to Netgear RP114 \"firewall\"",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-06/0177.html"
},
{
"name": "netgear-default-external-access(9371)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9371.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26 uses a default administrator password and accepts admin logins on the external interface, which allows remote attackers to gain privileges if the password is not changed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-07-14T04:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5036",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5036"
},
{
"name": "20020617 External access to Netgear RP114 \"firewall\"",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-06/0177.html"
},
{
"name": "netgear-default-external-access(9371)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9371.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2020",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26 uses a default administrator password and accepts admin logins on the external interface, which allows remote attackers to gain privileges if the password is not changed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5036",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5036"
},
{
"name": "20020617 External access to Netgear RP114 \"firewall\"",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-06/0177.html"
},
{
"name": "netgear-default-external-access(9371)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9371.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2020",
"datePublished": "2005-07-14T04:00:00Z",
"dateReserved": "2005-07-14T00:00:00Z",
"dateUpdated": "2024-09-16T17:54:06.772Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2032 (GCVE-0-2004-2032)
Vulnerability from cvelistv5 – Published: 2005-05-10 04:00 – Updated: 2024-08-08 01:15
VLAI?
Summary
Netgear RP114 allows remote attackers to bypass the keyword based URL filtering by requesting a long URL, as demonstrated using a large number of %20 (hex-encoded space) sequences.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:15:01.095Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "11698",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11698"
},
{
"name": "20040524 Netgear RP114 URL filter fails if URL is too long",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108541203427391\u0026w=2"
},
{
"name": "6411",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/6411"
},
{
"name": "netgearrp114-long-url-filter-bypass(16238)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16238"
},
{
"name": "10404",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10404"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-05-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netgear RP114 allows remote attackers to bypass the keyword based URL filtering by requesting a long URL, as demonstrated using a large number of %20 (hex-encoded space) sequences."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "11698",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11698"
},
{
"name": "20040524 Netgear RP114 URL filter fails if URL is too long",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108541203427391\u0026w=2"
},
{
"name": "6411",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/6411"
},
{
"name": "netgearrp114-long-url-filter-bypass(16238)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16238"
},
{
"name": "10404",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10404"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2032",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netgear RP114 allows remote attackers to bypass the keyword based URL filtering by requesting a long URL, as demonstrated using a large number of %20 (hex-encoded space) sequences."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "11698",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11698"
},
{
"name": "20040524 Netgear RP114 URL filter fails if URL is too long",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108541203427391\u0026w=2"
},
{
"name": "6411",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/6411"
},
{
"name": "netgearrp114-long-url-filter-bypass(16238)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16238"
},
{
"name": "10404",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10404"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2032",
"datePublished": "2005-05-10T04:00:00",
"dateReserved": "2005-05-04T00:00:00",
"dateUpdated": "2024-08-08T01:15:01.095Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0127 (GCVE-0-2002-0127)
Vulnerability from cvelistv5 – Published: 2002-03-15 05:00 – Updated: 2024-08-08 02:35
VLAI?
Summary
Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26, when configured to block traffic below port 1024, allows remote attackers to cause a denial of service (hang) via a port scan of the WAN port.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:35:17.610Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3876",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3876"
},
{
"name": "20020115 Vulnerability Netgear RP-114 Router - nmap causes DOS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/250405"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-01-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26, when configured to block traffic below port 1024, allows remote attackers to cause a denial of service (hang) via a port scan of the WAN port."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-03-22T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3876",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3876"
},
{
"name": "20020115 Vulnerability Netgear RP-114 Router - nmap causes DOS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/250405"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0127",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26, when configured to block traffic below port 1024, allows remote attackers to cause a denial of service (hang) via a port scan of the WAN port."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3876",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3876"
},
{
"name": "20020115 Vulnerability Netgear RP-114 Router - nmap causes DOS",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/250405"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0127",
"datePublished": "2002-03-15T05:00:00",
"dateReserved": "2002-03-15T00:00:00",
"dateUpdated": "2024-08-08T02:35:17.610Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}