ZTE ZXDSL 831 II Modem Arbitrary Add Admin User Vulnerability

2009-08-18 19:08:20

-----------------------------------------------------
-->> Found By SuNHouSe2 [ALGERIAN HaCkEr] <<--
--> Made in "Maghnia City" (DZ) <--
--> Contact : [email protected] <--
--> Greetz to : His0k4 all my friends <--
--> Good Ramadan to all muslims <--
-----------------------------------------------------

Exploit tested on modem with this informations :

ZTE CORPORATION

Date : NOV 2008
Product : ADSL Modem
Model : ZXDSL 831 II --> http://www.geeksecurity.org/tsttte.JPG
Firmware Version : ZXDSL 831IIV7.5.0a_E09_OV

-----------------------------------------------------
Introduction:

This modem is used by many providers in the world like
russia india and algeria [used by provider and all clients of "Easy ADSL"].

Exploit :
We can change easily the user and password admin and get full access to the modem.

Go only here and set new user and password:

http://192.168.1.1/adminpasswd.cgi

#

Fixes

No fixes

In order to submit a new fix you need to be registered.