[原文]NetGear WG602 (aka WG602v1) Wireless Access Point firmware 1.04.0 and 1.5.67 has a hardcoded account of username "super" and password "5777364", which allows remote attackers to modify the configuration.
It is alleged that the vendor has released NetGear WG602 Access Point Firmware 1.7.15 to address this issue. This information is not confirmed at the moment. Please contact the vendor for more information. Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: firstname.lastname@example.org .
NETGEAR WG602 Wireless Access Point Hardcoded Default Account
Remote / Network Access,
Local / Remote,
Loss of Integrity
By default, NetGear WG602 WAP contains a default administrative account which cannot be disabled. Depending on the firmware version, the default account "superman" or "super" has the password "21241036" or "5777364" respectively. Although some firmware versions may not be affected, both passwords are publicly known and documented. This allows attackers to trivially access the program or system.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue. The vendor has reportedly changed the default login and passwords used for the affected products.