NetGear Web GUI Password Recovery and Exposure Security Vulnerability
Article ID: 30632
NETGEAR is aware of the security issue that can expose web GUI login passwords while the password recovery feature is disabled. This vulnerability occurs when an attacker can access the internal network or when remote management is enabled on the router.
This software vulnerability affects certain NETGEAR devices:
The potential for password exposure remains if you do not complete both steps. NETGEAR is not responsible for any consequences that could have been avoided by following the recommendations in this notification.
NETGEAR is working on a firmware fix and will email the download information to all registered users when the firmware becomes available.