Device: Netgear RP614v4
Firmware version: v1.1.2_09.01
Firmware release date: November 2009
HTTP service: Boa HTTPd 0.93.15
Exploit release date: Wednesday March 24, 2010
Default router credentials:
The Netgear RP614v4 is susceptible to an end user making a request for the netgear.cfg file which is located at:
This file, is a plain text ASCII file that contains the router’s password at line 216, which looks similar to this:
You don’t have to authenticate to obtain this file at all.
The qualm with this exploit is that, it works in the LAN that the router is on, or even remotely over a WAN, that is if the remote administration
option is enabled and the default port for this is 8080.