BT Home Hub and Thomson/Alcatel Speedtouch 7G Multiple Vulnerabilities

The following exploit code is available through GNUCitizen:

http://www.gnucitizen.org/blog/bt-home-flub-pwnin-the-bt-home-hub-4

UPDATE (January 10, 2008) - The cross-site scripting issue can be leveraged to perform unauthorized actions via UPnP. Please see the Bugtraq message entitled "BT Home Flub: Pwnin the BT Home Hub (5) - exploiting IGDs remotely via UPnP" in the references section for further information.

UPDATE (January 21, 2008) - The following proof-of-concept URI is available; please see the referenced "Call Jacking: Phreaking the BT Home Hub" webpage for further information:

POST http://www.example.com/cgi/b/_voip_/stats//?ce=1&be=0&l0=-1&l1=-1&name=0=30&1=00390669893461


 

Copyright 2010, SecurityFocus