Netgear DGN3500

Question

Netgear DGN3500

Opened this issue 11 years ago · 12 comments

The port is open and respond on request. I tried the option that show admin password too and it work, so it's confirmed.

Answer 1 · 2014-01-03T00:32:52.000Z

Thank you, added :)

Answer 2 · 2014-01-05T10:57:32.000Z

Hi,
i've tested my DGN3500 (Software V1.1.00.28_1.00.28GR) with telnet ( telnet routerip 32764“ ) and a portscan of the 32764 port and did not get a response.
I know another guy who has also a DGN3500 and also didnt get a response.

Greetings

Answer 3 · 2014-01-05T12:02:31.000Z

Intresting, I have firmware V1.1.00.33_1.00.33
https://www.dropbox.com/s/l4n1ubq6hu6a2fh/screen.png

Answer 4 · 2014-01-05T15:30:40.000Z

Ok... lesson learned: Never trust a Windows telnet client:

this on is from a qnap nas:

http://abload.de/img/screenshot2014-01-051g8uyu.png

Answer 5 · 2014-01-05T16:35:47.000Z

Why people don't use the provided PoC?! :)

Answer 6 · 2014-01-16T21:02:36.000Z

Using this custom firmware http://alfie.altervista.org/amod/

probably not vulnerable (error: timed out)

Answer 7 · 2014-01-17T09:23:03.000Z

Thank you :)
Could you do a pull request to add this solution to the list?

Answer 8 · 2014-01-26T20:29:47.000Z

Tested poc.py on DGN3500 (LAN Interface, did not test WAN)
affected international firmware versions:

V1.1.00.16_1.00.16
V1.1.00.22_1.00.22
V1.1.00.25_1.00.25
V1.1.00.28_1.00.28
V1.1.00.33_1.00.33

http://kb.netgear.com/app/answers/detail/a_id/2649

Answer 9 · 2014-02-03T22:27:30.000Z

Using http://alfie.altervista.org/amod/ fixed it for me. Great firmware.

Answer 10 · 2014-02-03T22:38:51.000Z

I'll add it to the possible fixes, thanks ;)

Answer 11 · 2014-02-03T22:50:35.000Z

already did that 12 days ago :D

Answer 12 · 2014-02-04T09:14:58.000Z

This wasn't listed in the possible solutions :)
I'll add your comment in the credits ;)