SecurityTracker.com

SecurityTracker
Archives


 


Category:   Device (Router/Bridge/Hub)  >   NetComm Router
Vendors:   NetComm
NetComm NB1300 ADSL Router Default Configuration Discloses Administrator Password to Remote Users
SecurityTracker Alert ID:  1006579
SecurityTracker URL:  http://securitytracker.com/id/1006579
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Apr 15 2003
Impact:   Disclosure of authentication information, Disclosure of system information, User access via network
Exploit Included:  Yes  
Version(s): NB1300 Router
Description:   A vulnerability was reported in the NetComm NB1300 ADSL Router. In the default configuration, a remote user can connect to the router's FTP server and obtain password information.

It is reported that, in the default configuration, the router's FTP server is accessible to remote users on the WAN interface. If the default password (user:admin, password:password) has not been changed, a remote user can gain access to files on the router, including the 'config.reg' file, which contains the username and password for the router.

The vendor has reportedly been notified without response.

Impact:   In the default configuration, the system allows remote users to obtain files from the router, including password information.
Solution:   No solution was available at the time of this entry.

The author of the report recommends that you disable the FTP WAN access and/or change the password of the Admin account.

Vendor URL:  www.netcomm.com.au/
Cause:   Access control error, Configuration error

Message History:   None.


 Source Message Contents

Subject:  nb1300 router - default settings expose password




_____________________________________________
Bugtraq post

Vendor: Netcomm Australia

www.netcomm.com.au

Netcomm, Vulnerability in FTP server

NB 1300 modem/router

Affected firmware: all known versions

______________________________________________

Description and Background:

The NB1300 has by default the FTP server (VxWorks (5.4.1)) exposed to the
WAN interface.
The default password is often not changed by the user.
User: admin Password: password
When a connection is made to the FTP server, the router's core system
files are exposed to the admin account.
Perform a simple "get config.reg" and the username and password
of the account are given in clear text.

_______________________________________________

Impact:

1. The username and password may be used to access the user's
account details, collect their email, use the data available to them,
etc.
2. (untested) The system files of the VxWorks (5.4.1) OS may be modified
or deleted
to impact a denial of service, rendering the device useless.

_______________________________________________

Fix: disable the FTP WAN access and/or change
admin account details.

_______________________________________________

Recommendations:
Vendor to supply product with interface disabled by default 
_______________________________________________
Vendor:

Has been notified 04/03/2003 
No response received
_______________________________________________

denote@freemail.com.au

 
 



Copyright 2021, SecurityGlobal.net LLC