Bugtraq mailing list archives
Directory listing on B-FOCuS Wireless 802.11b/g ADSL2+ Router by "ECI Telecom LTD"
From: "LegendaryZion" <moskito () smile net il>
Date: Tue, 31 Oct 2006 18:27:21 +0200
·= Security Advisory =· Issue: B-FOCuS Wireless 802.11b/g ADSL2+ Router by "ECI Telecom LTD" Discovered Date: 02/10/2006 Author: Tal Argoni, LegendaryZion. [talargoni at gmail.com] Product Vendor: http://www.inoviatele.com/ Details: B-FOCuS Wireless Router is prone to a directory listing Vulnerability.The vulnerability exists in Web-Based Management , caused by the lack of poor configuration.
Exploitation URL: http://target/html/defs/Successful exploitation allow viewing the router files and configuration files.
Proof Of Concept: http://target/html/defs/ Thanks, Tal Argoni, CEHwww.zion-security.com
Current thread:
- Directory listing on B-FOCuS Wireless 802.11b/g ADSL2+ Router by "ECI Telecom LTD" LegendaryZion (Oct 31)