BugTraq
Back to list
|
Post reply
Default SNMP community in Surecom Broadband Router
Nov 13 2002 07:44PM
Andrei Mikhailovsky (andrei arhont com)
Arhont Ltd. - Information Security
Arhont Advisory by: Andrei Mikhailovsky
(www.arhont.com)
Advisory: Surecom Broadband Router
Router Model Name: EP-4501
Model Specific: Other models might be
vulnerable
Manufacturer site: http://www.surecom.com.tw
Manufacturer contact: surecom (at) surecom.com (dot) tw [email concealed]
Contact Date: 25/10/2002
DETAILS:
While performing a general penetration testing of a
network, we have found a security vulnerability in the
Surecom Broadband Router EP-4501.
The default router installation enables SNMP (Simple
Network Management Protocol) server with default
community names for read and read/write access.
The community name: public
Allows read access to the mentioned device, providing
enumeration and gathering of sensitive network
information.
The community name: secret
Allows read/write access to device, thus allowing
restart and change of the network settings of the
broadband router. The SNMP server is enabled by
default from the LAN and WAN interfaces.
Impact: This vulnerability allows LAN and internet
malicious attackers to retrieve and change network
settings of the router.
Risk Factor: High
Possible Solutions: Disable default SNMP
implementation, or change default community names.
According to the Arhont Ltd. policy, all of the found
vulnerabilities and security issues will be reported to
the manufacturer 7 days before releasing them to the
public domains (such as CERT and BUGTRAQ).
If you would like to get more information about this
issue, please do not hesitate to contact Arhont team.
Regards,
Andrei Mikhailovsky
Arhont Ltd.
http://www.arhont.com
GnuPG Keyserver: blackhole.pca.dfn.de
GnuPG Key: 0x178F548C
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
Arhont Ltd. - Information Security
Arhont Advisory by: Andrei Mikhailovsky
(www.arhont.com)
Advisory: Surecom Broadband Router
Router Model Name: EP-4501
Model Specific: Other models might be
vulnerable
Manufacturer site: http://www.surecom.com.tw
Manufacturer contact: surecom (at) surecom.com (dot) tw [email concealed]
Contact Date: 25/10/2002
DETAILS:
While performing a general penetration testing of a
network, we have found a security vulnerability in the
Surecom Broadband Router EP-4501.
The default router installation enables SNMP (Simple
Network Management Protocol) server with default
community names for read and read/write access.
The community name: public
Allows read access to the mentioned device, providing
enumeration and gathering of sensitive network
information.
The community name: secret
Allows read/write access to device, thus allowing
restart and change of the network settings of the
broadband router. The SNMP server is enabled by
default from the LAN and WAN interfaces.
Impact: This vulnerability allows LAN and internet
malicious attackers to retrieve and change network
settings of the router.
Risk Factor: High
Possible Solutions: Disable default SNMP
implementation, or change default community names.
According to the Arhont Ltd. policy, all of the found
vulnerabilities and security issues will be reported to
the manufacturer 7 days before releasing them to the
public domains (such as CERT and BUGTRAQ).
If you would like to get more information about this
issue, please do not hesitate to contact Arhont team.
Regards,
Andrei Mikhailovsky
Arhont Ltd.
http://www.arhont.com
GnuPG Keyserver: blackhole.pca.dfn.de
GnuPG Key: 0x178F548C
[ reply ]