Submit #401303: Netgear R7000 — Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router V1.0.11.136_10.2.120 Denial of Service

Title: Netgear R7000 — Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router V1.0.11.136_10.2.120 Denial of Service
Description:

# DoS Attack in Netgear-R7000 Router (2)

## Overview

* Type: DoS Attack
* Supplier: Netgear (https://www.netgear.com/)
* Victim URL: http://192.168.1.1/WIZ_fix.htm (hidden page)
* Product: R7000 — Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router
* Affected version: V1.0.11.136_10.2.120
* Firmware download: https://www.downloads.netgear.com/files/GDC/R7000/R7000-V1.0.11.136_10.2.120.zip

## Description

The vulnerability causes the device's service to go down remotely on the device by crafting a request to the web where there should be no context to access. More seriously, the status can only be recovered by resetting the device to the initial factory settings.

## Steps to Reproduce

I have put the PoC (exp.py) in the attachments. The parameters are as below:

1. username, password: normal user (default: admin, password).
2. device_web_ip: web IP address of the target device.
Source: https://github.com/leetsun/IoT-Vuls/tree/main/Netgear-R7000/2
User: leetmoon (UID 42673)
Submission: 09/02/2024 09:33 (2 years ago)
Moderation: 09/11/2024 13:31 (9 days later)
Status: Duplicate
VulDB entry: 189142 [Netgear RBS850 denial of service]
Points: 0
