Date: 26 Feb 2006 10:00:48 -0000
From: [email protected]
To: [email protected]Subject: NETGEAR WGT624 Wireless DSL Firewall/Router vulnerability
X-Eagle-Notice: Sender not 8-bit clean in Subject: NETGEAR WGT624 \226 Wireless DSL Firewall/Router vulnerability
X-Virus-Scanned: antivirus-gw at tyumen.ru
When configured to backup configuration settings, the device will store various information in cleartext. Accessing this file could allow an attacker to obtain sensitive information which could aid the attacker in compromising the web administration interface of the device, DSL/cable account passwords, FTP passwords,etc.
It should be noted that the backup option is not enabled by default, but is a common feature used by administrators and attackers of course ;)