3Com OfficeConnect Wireless Cable/DSL Router - Authentication Bypass

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1057437 漏洞类型
发布时间 2009-02-09 更新时间 2009-02-09
CVE编号 N/A CNNVD-ID N/A
漏洞平台 Hardware CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/8022
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
==================================================== 
3Com OfficeConnect Wireless Cable/DSL Router Authentication Bypass

Original Advisory: 
http://www.ikkisoft.com/stuff/LC-2008-05.txt

luca.carettoni[at]ikkisoft[dot]com
==================================================== 

An unauthenticated user may directly invoke the "SaveCfgFile" CGI program and 
easily download the system configuration containing configuration information, 
users, passwords, wifi keys and other sensitive information.

http://<IP>/SaveCfgFile.cgi

# milw0rm.com [2009-02-09]