[37443] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Router ZyXEL Prestige 650 HW http remote admin.

daemon@ATHENA.MIT.EDU (Francisco "José" Canela)
Mon Nov 22 17:53:56 2004

Date: 21 Nov 2004 22:42:49 -0000
Message-ID: <20041121224249.26481.qmail@www.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: Francisco "José" Canela <darkydelphi@gmail.com>
To: bugtraq@securityfocus.com

Hi, I found a bug in ZyXEL Prestige 650 HW Routers with Http Remote Administration active. 

Exploting this bug, the attacker can reset the router configurantion.

The "/rpFWUpload.html" is not password protected. To exploit this bug you only need write that:

http://[Router ip]/rpFWUpload.html

and click the Reset button.

Sorry if this post is misspelling... but I'm from Spain and my english level is poor...

____________
Francisco José Canela


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[37443] in bugtraq

Router ZyXEL Prestige 650 HW http remote admin.

daemon@ATHENA.MIT.EDU (Francisco "José" Canela)Mon Nov 22 17:53:56 2004

daemon@ATHENA.MIT.EDU (Francisco "José" Canela)
Mon Nov 22 17:53:56 2004