SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Router/Bridge/Hub)  >   Sweex Router Vendors:   Sweex Europe
Sweex Wireless Broadband Router Disclosed Administrative Password to Remote Users
SecurityTracker Alert ID:  1010143
SecurityTracker URL:  http://securitytracker.com/id/1010143
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  May 12 2004
Impact:   Disclosure of authentication information, Disclosure of system information, Disclosure of user information
Exploit Included:  Yes  
Version(s): LC000060
Description:   An information disclosure vulnerability was reported in the Sweex Wireless Broadband Router. A remote user can obtain the device's configuration information, including passwords.

Mark Janssen reported that a remote user that is connected to the wireless device can obtain configuration data, including the administrative username and password, from the device. This can be achieved by connecting to the TFTP port and downloading any file where the filename begins with 'nvram', the report said.

The report also states that if the device is configured as a broadband router, then the username and password for the broadband connection can also be obtained.

The Unex WF514 may also be affected, but the report indicates that was not verified.

The vendor was reportedly notified on May 12, 2004.

Impact:   A remote user can obtain configuration data, including the administrative username and password, from the device.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.sweexeurope.com/product.asp?pid=288 (Links to External Site)
Cause:   Access control error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, SecurityGlobal.net LLC