> In-Reply-To: <Pine.GSO.4.33.0406031903380.14119-100000 (at) shamal.khamsin (dot) ch [email concealed]>
>
> I can confirm that this vulnerability still exists in the latest firmware upgrade(1.7.14) for the WG602. They've simply gone and changed the username to superman and password to 21241036.
yes - this is right (though it took me a while to find out how to get
this gzip compressed part out of the img).
Whats new in this image:
"[...] Fixed illegal user access the WEB configuration utility. [...]"
;-)
Would it be possible to change the firmware image by hand - e.g. usa a
hex editor and set this username / password to sth else?
Jaco Swart wrote:
> In-Reply-To: <Pine.GSO.4.33.0406031903380.14119-100000 (at) shamal.khamsin (dot) ch [email concealed]>
>
> I can confirm that this vulnerability still exists in the latest firmware upgrade(1.7.14) for the WG602. They've simply gone and changed the username to superman and password to 21241036.
yes - this is right (though it took me a while to find out how to get
this gzip compressed part out of the img).
Whats new in this image:
"[...] Fixed illegal user access the WEB configuration utility. [...]"
;-)
Would it be possible to change the firmware image by hand - e.g. usa a
hex editor and set this username / password to sth else?
regards,
Harald
--
Team NeueMedien.Net / Hostmaster
[ reply ]