Announcement

Collapse
No announcement yet.

Netgear WNR2000 - bad LTEC units

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    Netgear WNR2000 - bad LTEC units

    On a Netgear WNR2000 (v1 - no version suffix on model label, with the FCC ID being PY308200083), I found a lot of bulging LTEC units inside being all of the 100uF 25V units and the 470uF 10V unit.
    When all of the LTEC units were replaced, the unit works perfectly, and I am now contemplating converting this unit to a wireless bridge (enable the connection of wired-only devices to a wireless network) with OpenWRT firmware.
    Attached Files
    Last edited by japlytic; 02-10-2016, 04:36 AM. Reason: Attachments
    My first choice in quality Japanese electrolytics is Nippon Chemi-Con, which has been in business since 1931... the quality of electronics is dependent on the quality of the electrolytics.
    Tags: None
    #2
    Re: Netgear WNR2000 - bad LTEC units

    I think their routers run pretty hot and thanks for the LTEC info.

    As much as I like Netgear routers, some of them have security holes:
    "NetGear Wireless-N WNR2000 router contains multiple vulnerabilities that could allow an unauthenticated, remote attacker to access sensitive information or bypass security restrictions on a targeted system.

    The vulnerabilities exist because the affected firmware fails to impose sufficient security restrictions on incoming HTTP GET requests.? An unauthenticated, remote attacker could exploit these vulnerabilities to access sensitive information like WPA/WPA2 encryption passphrases via the router-info.htm page or passwords for the web administrative interface via the cgi-bin/NETGEAR_WNR2000.cfg configuration file.

    Reports indicate that a security bypass vulnerability also exists in the cgi-bin/upg_restore.cgi script.? An attacker could exploit the flaw in the cgi-bin/upg_restore.cgi script by submitting malicious HTTP POST requests to the affected firmware using information gathered from the cgi-bin/NETGEAR_WNR2000.cfg file vulnerability.? Successful exploitation could allow the attacker to modify administrative credentials for the web interface.

    Proof-of-concept code that demonstrates an exploit of each vulnerability is publicly available."

    https://tools.cisco.com/security/cen...gnatureSubId=0

    Comment

    Previous template Next
    Working...