SecurityTracker.com

SecurityTracker
Archives
Category:   Device (Router/Bridge/Hub)  >   Ericsson Modem
Vendors:   Ericsson
(Vendor Confirms) Re: Ericsson ADSL Modem Web Management Interface Grants Access to Any Remote User
SecurityTracker Alert ID:  1006139
SecurityTracker URL:  http://securitytracker.com/id/1006139
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Feb 21 2003
Impact:   Root access via network
Vendor Confirmed:  Yes  
Version(s): Model HM220dp
Description:   An authentication vulnerability was reported in the Ericsson HM220dp ADSL Modem. A remote user who can reach the web-based management interface can administer the device without supplying any credentials.

It is reported that the device's web interface does not require authentication and offers no option to enable it. On units shipped with Ericsson's modified firmware, the modem is forced into bridged mode, so the web administration page is reachable only from the local area network (LAN) side rather than from the Internet; any user on the LAN can still reach it.

The vendor has reportedly been notified.

Impact:   A remote user can access the web management interface and perform administrative actions on the device without authenticating.
Solution:   The vendor reports that they are working on a solution. More information is to be made available in the following week.
Vendor URL:  www.ericsson.com/homeproducts/broadbandmodem/adsl_hm220d_spec.shtml
Cause:   Authentication error
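The defect described above is the absence of any credential challenge on the management page. The following script, added here as an illustration and not code from Ericsson or from the advisory, shows the check a practitioner would run against such an interface: fetch the page once with no credentials and classify the response. The advisory names no endpoints, so the device address in the usage comment is an assumption; the sample responses are constructed, not captured from an HM220dp.

```python
"""Check whether an HTTP management interface challenges for credentials.

Added illustration for the advisory above. Not Ericsson code and not tied to
any HM220dp URL: the advisory names no endpoints, so the address used in the
usage comment is assumed.
"""
import http.client
from typing import Dict, Tuple
from urllib.parse import urlsplit


def classify_response(status: int, headers: Dict[str, str]) -> str:
    """Classify the first unauthenticated response from a management page.

    Returns one of:
      "open"      - 2xx with no credential challenge: the page is served to
                    anyone who can reach the port (the condition the advisory
                    describes).
      "challenge" - 401/407 carrying a WWW-Authenticate or Proxy-Authenticate
                    header, i.e. HTTP authentication is enforced.
      "redirect"  - 3xx with a Location header, typically to a login form;
                    needs a manual follow-up to confirm the form gates access.
      "denied"    - anything else (403, a bare 401 without a challenge, 5xx).
    """
    h = {k.lower(): v for k, v in headers.items()}
    if status in (401, 407) and ("www-authenticate" in h or "proxy-authenticate" in h):
        return "challenge"
    if 300 <= status < 400 and "location" in h:
        return "redirect"
    if 200 <= status < 300:
        return "open"
    return "denied"


def probe(url: str, timeout: float = 5.0) -> Tuple[int, Dict[str, str]]:
    """Fetch the URL once with no credentials; return (status, headers)."""
    parts = urlsplit(url)
    conn_cls = (http.client.HTTPSConnection if parts.scheme == "https"
                else http.client.HTTPConnection)
    conn = conn_cls(parts.hostname, parts.port, timeout=timeout)
    try:
        conn.request("GET", parts.path or "/",
                     headers={"User-Agent": "mgmt-auth-check/1.0"})
        resp = conn.getresponse()
        return resp.status, dict(resp.getheaders())
    finally:
        conn.close()


def check_interface(url: str) -> str:
    """Live check: probe the URL and classify the result."""
    status, headers = probe(url)
    return classify_response(status, headers)


# Constructed sample responses (not captured from a real device).
SAMPLES = {
    "open modem page":      (200, {"Content-Type": "text/html", "Server": "Modem-HTTPd"}),
    "basic auth challenge": (401, {"WWW-Authenticate": 'Basic realm="modem"'}),
    "login redirect":       (302, {"Location": "/login.html"}),
    "bare 401":             (401, {}),  # no challenge header: not a usable auth gate
}


def classify_samples() -> Dict[str, str]:
    """Run the classifier over the constructed samples."""
    return {name: classify_response(status, hdrs) for name, (status, hdrs) in SAMPLES.items()}


if __name__ == "__main__":
    for name, verdict in classify_samples().items():
        print(f"{name:22s} -> {verdict}")
    # Live use against an assumed LAN address (not taken from the advisory):
    # print(check_interface("http://192.168.1.1/"))
```

A verdict of "open" from the LAN side is the advisory's condition; the vendor's interim mitigation only narrows who can reach the port, so the same probe run from the WAN side should fail to connect at all, and run from the LAN side it will still report "open" until firmware with authentication ships.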

Message History:   This archive entry is a follow-up to the message listed below.
Feb 11 2003 Ericsson ADSL Modem Web Management Interface Grants Access to Any Remote User



 Source Message Contents

Subject:  RE: Ericsson HM220dp ADSL modem Insecure Web Administration Vulne


Hi all,

Ericsson is working on this issue now. A solution for this problem is on the way; we will come back with more information on this next week.

Best regards,

Ericsson Broadband Access


-----Original Message-----
Sent: 13 February 2003 10:17
To: bugtraq@securityfocus.com
Subject: Re: Ericsson HM220dp ADSL modem Insecure Web Administration
Vulnerability


At 08:37 2003-02-11 +0100, you wrote:
>Ericsson HM220dp ADSL modem Insecure Web Administration Vulnerability
>Discussion:
>Ericsson HM220dp is a small office environment ADSL modem, distributed
>by many carriers such as Telecom Italia to thousands of users.
>It may be administered remotely through a number of mechanisms,
>including a web based interface.
>Unfortunately, the web interface does not require authentication
>and does not give the possibility to require it.
>Unauthorized users accessing the web pages may perform a variety of 
>malicious actions.
>By the way, Ericsson forced the modem into "Bridged" mode with a modified
>firmware, so the web administration page could not be accessed from the
>Internet but "just" from any user of the LAN.
>It is possible that other products of the same series share this
>vulnerability.

Not according to my contacts at Ericsson. The vulnerability is limited to 
one batch of 6000 modems delivered to the Italian market, which is bad 
enough! The entire 220 series was discontinued in 2001.

>Solution:
>Ericsson has been contacted months ago but it is still not providing an
>updated firmware version that could prevent the problem, ignoring it.

If Ericsson is completely ignoring this issue, it is not good! However, it 
seems that they have provided an upgrade to limit unauthenticated access to 
the LAN side of the modem, which could be considered an acceptable solution.

/Fredrik


Copyright 2021, SecurityGlobal.net LLC