• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Linksys Router Unauthorized Management Access Vulnerability

The following proof of concept has been supplied.


- BEFSR41 firewall/router with firmware version 1.43
- lynx browser version 2.8.4rel.1 (17 Jul 2001)
- ~/.mailcap with the following line:
application/foo.xml;

Using lynx with the above mailcap, connect to the management interface (remote interface listens on port 8080 when enabled). Affected versions will display the setup screen without requiring the user to enter a password. (Note: mailcap is generally installed as ~/.mailcap). Navigation to other screens is possible, though some "accept" buttons might not render if the browser used is unable to process javascript.