Hi! I was checking the vulnerability "NETGEAR FVS318 Firewall Router Username/Password Disclosure"[1] on my NetGear FM114P. My little box doesn't store the web login username and password in plain text. But the DDNS (DynDNS) account data is stored in plaintext; this problem seems to be existent up to Firmware 1.3 Release 05. Also some interesting informations like MAC address filtering table are stored in plain text. It could be that NetGear will encrypt the whole backup settings in an upcoming firmware to serve additional backup security. Bye, Marc [1] http://www.securiteam.com/securitynews/5TP0Y008AQ.html -- Computer, Technik und Security http://www.computec.ch
