| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 24 Jul 2005 12:00:34 +0200 From: "D ." <d.is.evil@...il.com> To: BugTraq@...urityfocus.com Subject: ECI router login bypass Title: ECI router verification bypass and DoS Date: 24/07/2005 Impact: Log in verification bypass Vendors Status: Not contacted (they were mean to me) Overview: The B-FOCuS Router 312+ provides users with a reliable and secured ADSL2+ connection to the Internet. The 312+ has a single Ethernet port 10/100 and can support either a single computer or multiple computers sharing a single ADSL2+ line when connecting to a switch. The router's internal stateful inspection firewall protects the user's PC from hackers and unwelcome intrusions. (Tested on B-FOCuS Router 312+ presumably works on all eci routers\products) Vulnerability: By default the eci router has a management interface available via http The interface is protected by a log in screen This screen can be easily bypassed by accessing the firmwarecfg page in the unprotected cgi-bin directory the page provides a way of downloading the routers current settings including connection passwords and management passowrds in plaintext also this page provides a means to reset the modem thus executing a denial a service attack by making the modem reset constantly furthermore the page provides facilities to upload new firmware Affected Version: All ECI routers Tested on ECI B-FOCuS Router 312+ PoC: http://10.0.0.138/cgi-bin/firmwarecfg Credits: Credits for this vulnerability goes to D D.is.evil[-A-t-]gmail.com Comments: Seeking work (in Israel)
Powered by blists - more mailing lists