NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier use the same hardcoded private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation.
References
Link | Resource |
---|---|
http://kb.netgear.com/app/answers/detail/a_id/30560 | Vendor Advisory |
http://www.kb.cert.org/vuls/id/778696 | Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: certcc
Published: 2016-06-20T01:00:00
Updated: 2016-06-20T01:57:01
Reserved: 2015-11-19T00:00:00
Link: CVE-2015-8288
JSON object: View
NVD Information
Status : Analyzed
Published: 2016-06-20T01:59:00.133
Modified: 2016-06-21T22:28:28.103
Link: CVE-2015-8288
JSON object: View
Redhat Information
No data.
CWE