NETGEAR WAC124 - Authentication Bypass

What is the "NETGEAR WAC124 - Authentication Bypass?"

The "NETGEAR WAC124 - Authentication Bypass" module is designed to detect an authentication bypass vulnerability in NETGEAR WAC124 AC2000 routers. This module targets the NETGEAR WAC124 router, which is an IoT device commonly used for home or small office networks. The severity of this vulnerability is classified as high, indicating the potential for significant unauthorized access to the router.

Impact

If successfully exploited, the authentication bypass vulnerability in the NETGEAR WAC124 router allows an attacker to gain unauthorized access to the device. This can lead to various malicious activities, such as modifying router settings, intercepting network traffic, or launching further attacks on connected devices within the network.

How the module works?

The "NETGEAR WAC124 - Authentication Bypass" module works by sending a specific HTTP request to the target router. The request path used is "/setup.cgi?next_file=debug.htm&x=currentsetting.htm" with the GET method. The module then applies matching conditions to determine if the vulnerability is present.

The matching conditions used in this module are:

- Status: The HTTP response status code must be 200, indicating a successful request. - Word: The response body must contain the phrase "Enable Telnet".

If both matching conditions are met, the module identifies the presence of the authentication bypass vulnerability in the NETGEAR WAC124 router.