{"id":55,"date":"2016-02-07T13:12:14","date_gmt":"2016-02-07T13:12:14","guid":{"rendered":"http:\/\/wp.lancs.ac.uk\/scc205blog\/?p=55"},"modified":"2016-04-14T11:23:24","modified_gmt":"2016-04-14T11:23:24","slug":"no-patches-for-code-exec-holes-in-netgear-management-box","status":"publish","type":"post","link":"http:\/\/wp.lancs.ac.uk\/scc205blog\/2016\/02\/07\/no-patches-for-code-exec-holes-in-netgear-management-box\/","title":{"rendered":"No patches for code exec holes in Netgear management box"},"content":{"rendered":"<p>February 7th 2016<\/p>\n<p><a href=\"http:\/\/www.theregister.co.uk\/2016\/02\/07\/no_patches_for_code_exec_holes_in_netgear_management_box\/\">CVE-2016-1524 can be used to gain &#8220;God-Mode&#8221;<\/a> on a netgear enterprise router. Essentially this could allow a remote attack to gain access to the router, globally and potentially monitor traffic along with causing an outage within a data centre. This could end up costing a company thousands to millions of pounds with reputational cost being even greater to Netgear.<\/p>\n<p>I&#8217;m curious why Netgear hasn&#8217;t released a fix for this, but what&#8217;s even more worrying is that the security researcher has released Metasploit modules. This means the average person(script kiddie) can use these modules to attack SMEs (Small and Medium Enterprises).<\/p>\n","protected":false},"excerpt":{"rendered":"<p>February 7th 2016 CVE-2016-1524 can be used to gain &#8220;God-Mode&#8221; on a netgear enterprise router. Essentially this could allow a remote attack to gain access to the router, globally and potentially monitor traffic along with causing an outage within a data centre. This could end up costing a company thousands to millions of pounds with&hellip;<\/p>\n","protected":false},"author":481,"featured_media":56,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-55","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-new-problems-or-dramatic-failures"],"_links":{"self":[{"href":"http:\/\/wp.lancs.ac.uk\/scc205blog\/wp-json\/wp\/v2\/posts\/55","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/wp.lancs.ac.uk\/scc205blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/wp.lancs.ac.uk\/scc205blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/wp.lancs.ac.uk\/scc205blog\/wp-json\/wp\/v2\/users\/481"}],"replies":[{"embeddable":true,"href":"http:\/\/wp.lancs.ac.uk\/scc205blog\/wp-json\/wp\/v2\/comments?post=55"}],"version-history":[{"count":3,"href":"http:\/\/wp.lancs.ac.uk\/scc205blog\/wp-json\/wp\/v2\/posts\/55\/revisions"}],"predecessor-version":[{"id":102,"href":"http:\/\/wp.lancs.ac.uk\/scc205blog\/wp-json\/wp\/v2\/posts\/55\/revisions\/102"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/wp.lancs.ac.uk\/scc205blog\/wp-json\/wp\/v2\/media\/56"}],"wp:attachment":[{"href":"http:\/\/wp.lancs.ac.uk\/scc205blog\/wp-json\/wp\/v2\/media?parent=55"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/wp.lancs.ac.uk\/scc205blog\/wp-json\/wp\/v2\/categories?post=55"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/wp.lancs.ac.uk\/scc205blog\/wp-json\/wp\/v2\/tags?post=55"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}