Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NetGear WNDR3300 affected #7

Open
ghost opened this issue Feb 19, 2015 · 2 comments
Open

NetGear WNDR3300 affected #7

ghost opened this issue Feb 19, 2015 · 2 comments

Comments

@ghost
Copy link

ghost commented Feb 19, 2015

My NetGear WNDR3300 running Firmware V1.0.45 is vulnerable similar to my R6300 (#3) on the UPnP port (5000) using the path http://ROUTER-IP-ADDR:5000/soap/server_sa/.

I had UPnP enabled on my WNDR3300 and after turning it off it was no longer vulnerable as port 5000 was closed.
I never had UPnP enabled on my R6300 and even after enabling and disabling UPnP, port 5000 is still open and the router vulnerable.

Regards,
Robert Müller
@darkarnium
Copy link
Owner

Hi there,

Thank you for this additional information. I will test against a few devices I have for testing, and have a look through firmware this evening. I will update the document(s) accordingly later on today.

Regards,
Peter

@abliss
Copy link

abliss commented Jun 8, 2016

Same story for the WNDR3400v3 running V1.0.0.20_1.0.28 . I had to edit the PoC to use the /soap/server_sa path.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@abliss @darkarnium