[36930] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

3COM Wireless router (3CRADSL72) information disclosure

daemon@ATHENA.MIT.EDU (Karb0nOxyde -)
Thu Oct 14 17:30:52 2004

Message-ID: <f55d599e041013122636e947f@mail.gmail.com>
Date: Wed, 13 Oct 2004 21:26:27 +0200
From: Karb0nOxyde - <karb0noxyde@gmail.com>
Reply-To: Karb0nOxyde - <karb0noxyde@gmail.com>
To: BUGTRAQ <bugtraq@securityfocus.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

The router gives you a web page with user name, password, primary and
secondary DNS, default gateway, etc, if you access
http://[routerIP]/app_sta.stm without athentification of any kind.

Router details:
   Runtime Code Version	1.05 (Jan 27 2004 14:58:25)
   Boot Code Version	V1.3d
   Hardware Version	01A
   ADSL Modem Code Version	13.9.38

The password given is the password that you use to connect to the
internet, not to the router.
-- 
karb0noxyde


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[36930] in bugtraq

3COM Wireless router (3CRADSL72) information disclosure

daemon@ATHENA.MIT.EDU (Karb0nOxyde -)Thu Oct 14 17:30:52 2004

daemon@ATHENA.MIT.EDU (Karb0nOxyde -)
Thu Oct 14 17:30:52 2004