(Vendor Confirms) Re: Ericsson ADSL Modem Web Management Interface Grants Access to Any Remote User
SecurityTracker Alert ID: 1006139|
SecurityTracker URL: http://securitytracker.com/id/1006139
(Links to External Site)
Date: Feb 21 2003
Root access via network|
Vendor Confirmed: Yes |
Version(s): Model HM220dp|
An authentication vulnerability was reported in the Ericsson HM220dp ADSL Modem. A remote user can access the device via the web-based interface.|
It is reported that the device's web interface does not and cannot authenticate remote users. In some versions, the web administration page may only be accessible via the local area network (LAN).
The vendor has reportedly been notified.
A remote user can access the web management interface.|
The vendor reports that they are working on a solution. More information is to be made available in the following week.|
Vendor URL: www.ericsson.com/homeproducts/broadbandmodem/adsl_hm220d_spec.shtml (Links to External Site)
This archive entry is a follow-up to the message listed below.|
Source Message Contents
Subject: RE: Ericsson HM220dp ADSL modem Insecure Web Administration Vulne|
Ericsson is working on this issue now. A solution for this problem is on the way, we will come back with more information in next
week on this.
Ericsson Broadband Access
Sent: den 13 februari 2003 10:17
Subject: Re: Ericsson HM220dp ADSL modem Insecure Web Administration
At 08:37 2003-02-11 +0100, you wrote:
>Ericsson HM220dp ADSL modem Insecure Web Administration Vulnerability
>Ericsson HM220dp is a small office enviroment ADSL modem, distributed
>by many Carriers such as Telecom Italia to thousand users.
>It may be administered remotely through a number of mechanisms,
>including a web based interface.
>Unfortunately, the web interface does not require authentication
>and does not give the possibility to require it.
>Unauthorized users accessing the web pages may perform a variety of
>By the way Ericsson forced the modem in "Bridged" mode with a modified
>firmware, so the web administration page could not be accessed from
>Internet but "just" from any user of the lan.
>It is possible that other products of the same series share this
Not according to my contacts at Ericsson. The vulnerability is limited to
one batch of 6000 modems delivered to the Italian market, which is bad
enough! The entire 220 series was discontinued in 2001.
>Ericsson has been contacted months ago but it's not still providing an
>updated firmware version that could prevent the problem ignoring it.
If Ericsson is completely ignoring this issue, it is not good! However, it
seems that they have provided an upgrade to limit unauthenticated access to
the LAN side of the modem, which could be considered an acceptable solution.