CyberSec.Space Logo
Back to CVE Browser

CVE-2007-4361

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1820%
EPSS Percentile4.39th
PublishedAug 15, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

NETGEAR (formerly Infrant) ReadyNAS RAIDiator before 4.00b2-p2-T1 beta creates a default SSH root password derived from the hardware serial number, which makes it easier for remote attackers to guess the password and obtain login access.

Affected Platforms (CPE)

πŸ”Œ
Netgear

Readynas Raidiator

= 3.01c1-p1
πŸ”Œ
Netgear

Readynas Raidiator

= 3.01c1-p6

References & Advisories

πŸ”— http://secunia.com/advisories/26442
πŸ”— http://securityreason.com/securityalert/3017
πŸ”— http://www.infrant.com/forum/viewtopic.php?t=12249
πŸ”— http://www.infrant.com/forum/viewtopic.php?t=12313
πŸ”— http://www.infrant.com/forum/viewtopic.php?t=3366&start=30
πŸ”— http://www.osvdb.org/36357
πŸ”— http://www.securityfocus.com/archive/1/476266/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/25290

Related Vulnerabilities

CVE-2013-275110.0

Eval injection vulnerability in frontview/lib/np_handler.pl in the FrontView web interface in NETGEAR ReadyNAS RAIDiator before 4....

CVE-2013-27526.8

Cross-site request forgery (CSRF) vulnerability in frontview/lib/np_handler.pl in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2...

CVE-2007-350010.0

Xeweb XEForum allows remote attackers to gain privileges via a modified xeforum cookie.

CVE-2007-049610.0

PHP remote file inclusion vulnerability in lib/nl/nl.php in Neon Labs Website (nlws) 3.2 and earlier allows remote attackers to ex...