NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Successful hack of our SRX5308
Hi, Our SRX5308 was successfully hackedon Sep 27th. They seem to have found a SQL password that keeps users in a an internal database and injected a new user 'app'. We had SYSLOG to another machine ...
Same exploit on my FVS318Gv2 running firmware 4.3.5-3. Same user "app" added via SQL insertion on the login/password form. Not clear if anything was taken.
[FVS318Gv2]Wed Nov 20 06:51:56 2019(GMT-0700) [FVS318Gv2][SSLVPN][SSLVPN] Administrator app is successfully added. Group: geardomain User TimeOut: 5
[FVS318Gv2]Wed Nov 20 06:51:58 2019(GMT-0700) [FVS318Gv2][SSLVPN][SSLVPN] SSL_INFO : Login Successful for geardomain user app(Admin) from host 139.180.209.90
[FVS318Gv2]Wed Nov 20 06:51:58 2019(GMT-0700) [FVS318Gv2][System][LOGIN] SSL_INFO : Login Successful for geardomain user app(Admin) from host 139.180.209.90
[FVS318Gv2]Wed Nov 20 06:52:14 2019(GMT-0700) [FVS318Gv2][SSLVPN][SSLVPN] SSL_INFO :user app is Logged-Out successfully from host 139.180.209.90
[FVS318Gv2]Wed Nov 20 06:52:14 2019(GMT-0700) [FVS318Gv2][System][LOGIN] SSL_INFO :user app is Logged-Out successfully from host 139.180.209.90
[FVS318Gv2]Wed Nov 20 06:52:15 2019(GMT-0700) [FVS318Gv2][SSLVPN][SSLVPN] SSL_ERROR: Invalid Password for user myxxxx';delete from USERDBUsers where UserName='app';'
[FVS318Gv2]Wed Nov 20 06:52:15 2019(GMT-0700) [FVS318Gv2][System][LOGIN] SSL_ERROR: Invalid Password for user myxxxx';delete from USERDBUsers where UserName='app';'
[FVS318Gv2]Wed Nov 20 06:52:17 2019(GMT-0700) [FVS318Gv2][SSLVPN][SSLVPN] Deleted User app
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
