Bugtraq mailing list archives
Re: Router ZyXEL Prestige 650 HW http remote admin.
From: Steve Clement <steve () ion lu>
Date: Wed, 24 Nov 2004 01:10:30 +0100
Francisco José Canela wrote:
Hi, I found a bug in ZyXEL Prestige 650 HW Routers with Http Remote Administration active.Prestige 623/652 are also vulnerable which is very sad, have you contacted Zyxel about it? If so, how patient have you been? This is really annoying because it is really easy to "exploit" and without a working firmware I will have to disable the Web Management on all my remote clients because it is "usuallly" on by default.
jeers, Steve C
Exploting this bug, the attacker can reset the router configurantion. The "/rpFWUpload.html" is not password protected. To exploit this bug you only need write that: http://[Router ip]/rpFWUpload.html and click the Reset button. Sorry if this post is misspelling... but I'm from Spain and my english level is poor...
Current thread:
- Router ZyXEL Prestige 650 HW http remote admin. José (Nov 22)
- Re: Router ZyXEL Prestige 650 HW http remote admin. Hugo van der Kooij (Nov 23)
- Re: Router ZyXEL Prestige 650 HW http remote admin. Laurent Papier (Nov 25)
- Re: Router ZyXEL Prestige 650 HW http remote admin. Steve Clement (Nov 24)
- Re: Router ZyXEL Prestige 650 HW http remote admin. Hugo van der Kooij (Nov 23)