N/A

Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials. It does not appear that normal users are intended to be able to manipulate configuration backups due to the fact that they are encrypted. This encryption is accomplished via a password-protected zip file with a hardcoded password (RAX50w!a4udk). By unzipping the configuration using this password, a user can reconfigure settings not intended to be manipulated, re-zip the configuration, and restore a backup causing these settings to be changed.

N/A

N/A

Netgear RAX43 信任管理问题漏洞

Netgear RAX43是美国网件（Netgear）公司的一款无线路由器。 Netgear RAX43存在安全漏洞，该漏洞源于使用硬编码凭据。 由于配置备份是加密的，因此普通用户似乎并不打算能够操作配置备份。 这种加密是通过带有硬编码密码 (RAX50w!a4udk) 的受密码保护的 zip 文件完成的。 通过使用此密码解压缩配置，用户可以重新配置不打算被操纵的设置，重新压缩配置，并恢复导致这些设置被更改的备份。

N/A

N/A