Bugtraq mailing list archives

Re: Security flaw in Telocity's "Gateway Modem"


From: bugtrax () HOTMAIL COM
Date: Fri, 23 Feb 2001 07:43:30 -0000

Of course is the ever interesting URL http://123.123.123.1/admin which prompts you for a username/password combo to access what? (any information on this would be great)

The admin password is apparently downloaded during configuration through your browser (not SSL ;-). Your IP address seems to be based on your phone number, as you need to enter your phone number to activate the gateway. It looks to be IP address or phone number based, as this was verified with two different gateways and both gateways became programmed with the same admin password. I will post a followup to this if I can narrow it down.

You will then have several options (pull down menu):

Download configuration
Reboot
Erase Downloaded Configuration
Set Ethernet as Routeable Interface
Set Parallel as Routeable Interface
Set USB as Routeable Interface
Erase Delta Image
Invert Cloaked State of FW/NAT

Haven't tried the last two (!). The parallel option is available on gateways without the parallel interface (on the case, anyway).

My guess is that the access to the gateway is IP based so that Telocity can do some remote troubleshooting as well.

