Flaw in Alice gate2 pluswifi adsl modem

2009-09-06 / 2009-09-07
Credit: wargame89
Risk: Medium
Local: No
Remote: Yes
CWE: CWE-352


Ogólna skala CVSS: 6.8/10
Znaczenie: 6.4/10
Łatwość wykorzystania: 8.6/10
Wymagany dostęp: Zdalny
Złożoność ataku: Średnia
Autoryzacja: Nie wymagana
Wpływ na poufność: Częściowy
Wpływ na integralność: Częściowy
Wpływ na dostępność: Częściowy

Discovered by WarGame/DoomRiderz HomePage: http://vx.netlux.org/wargamevx mail addr: wargame89 (at) yahoo (dot) it [email concealed] Vulnerable device: Alice gate 2 plus wifi Vendor's page: http://aiuto.alice.it/informazioni/modemadsl/alice_gate2adv.html It seems to be possible to disable the wifi encryption using the following url: http://192.168.1.1/cp06_wifi_m_nocifr.cgi?wlChannel=Auto&wlRadioEnable=on This can be done because there is no authentication scheme to access the admin panel of the modem, everyone can access it. Common scenario: The attacker sends to the victim (using emails, IM or IRC) the malicious link and with some social techs makes the victim click on it. After this, the attacker can access the victim's wlan that is now open to everybody. Other devices of the same family could be vulnerable too but I did not test it.

Referencje:

http://xforce.iss.net/xforce/xfdb/39831
http://www.securityfocus.com/bid/27374
http://www.securityfocus.com/archive/1/archive/1/486733/100/200/threaded
http://secunia.com/advisories/28618
http://osvdb.org/40739


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top