CVE-2014-2969 Information

Description

NETGEAR GS108PE Prosafe Plus switches with firmware 1.2.0.5 have a hardcoded password of debugpassword for the ntgruser account which allows remote attackers to upload firmware or read or modify memory contents and consequently execute arbitrary code via a request to (1) produce_burn.cgi (2) register_debug.cgi or (3) bootcode_update.cgi.

Reference

http://www.kb.cert.org/vuls/id/143740