• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Arescom NetDSL DSL Router Administrative Access Password Vulnerability

NetDSL routers are a hardware solution manufactured by Arescom. They are designed to provide high-speed internet access to home and home-office users.

A problem with some NetDSL routers could make it possible for a remote user to gain administrative access on the router. The problem is in the handling of authentication.

Some NetDSL routers do not properly control access to administrative functions by default. It has been reported that NetDSL 800 routers by default permit access via telnet, and additionally do not require a password to gain administrative access.

This problem makes it possible for remote users to gain administrative access to a NetDSL router, and potentially reconfigure the router, resulting in a denial of service.