Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "NETGEAR WAC124 - Authentication Bypass" module is designed to detect an authentication bypass vulnerability in NETGEAR WAC124 AC2000 routers. This module targets the NETGEAR WAC124 router, which is an IoT device commonly used for home or small office networks. The severity of this vulnerability is classified as high, indicating the potential for significant unauthorized access to the router.
If successfully exploited, the authentication bypass vulnerability in the NETGEAR WAC124 router allows an attacker to gain unauthorized access to the device. This can lead to various malicious activities, such as modifying router settings, intercepting network traffic, or launching further attacks on connected devices within the network.
The "NETGEAR WAC124 - Authentication Bypass" module works by sending a specific HTTP request to the target router. The request path used is "/setup.cgi?next_file=debug.htm&x=currentsetting.htm" with the GET method. The module then applies matching conditions to determine if the vulnerability is present.
The matching conditions used in this module are:
- Status: The HTTP response status code must be 200, indicating a successful request. - Word: The response body must contain the phrase "Enable Telnet".If both matching conditions are met, the module identifies the presence of the authentication bypass vulnerability in the NETGEAR WAC124 router.