|
|
BugTraq
Router ZyXEL Prestige 650 HW http remote admin. Nov 21 2004 10:42PM Francisco José Canela (darkydelphi gmail com) (2 replies) Re: Router ZyXEL Prestige 650 HW http remote admin. Nov 23 2004 12:02AM Hugo van der Kooij (hvdkooij vanderkooij org) (1 replies) Re: Router ZyXEL Prestige 650 HW http remote admin. Nov 24 2004 10:32AM Laurent Papier (papier sdv fr) |
|
Privacy Statement |
>Hi, I found a bug in ZyXEL Prestige 650 HW Routers with Http Remote Administration active.
>
>
>
Prestige 623/652 are also vulnerable which is very sad, have you
contacted Zyxel about it? If so, how patient have you been?
This is really annoying because it is really easy to "exploit" and
without a working firmware I will have to disable the Web Management on
all my remote clients because it is "usuallly" on by default.
jeers,
Steve C
>Exploting this bug, the attacker can reset the router configurantion.
>
>The "/rpFWUpload.html" is not password protected. To exploit this bug you only need write that:
>
>http://[Router ip]/rpFWUpload.html
>
>and click the Reset button.
>
>
>Sorry if this post is misspelling... but I'm from Spain and my english level is poor...
>
>
[ reply ]