# Exploit Title: Password Disclosure vulnerability # Software: NETGEAR DGN2200 # Software Link: netgear.com # Version: DGN2200 # Author: Dolev Farhi, email: dolev(at)openflare(dot)org # Date: 23.7.2014 # Tested on: Kali Linux # Firmware 1.0.0.29_1.7.29_HotS 2. Vulnerability Description: =============================== An attacker is able to extract sensitive information such as the password from the Basic Settings router page due to storing it in plaintext. 3. Steps to reproduce: ====================== Navigate to the Basic Settings page, right click in the browser -> view source/frame html>