LinkSys EtherFast Router Password HTML Source Revealing Vulnerability

Linksys EtherFast routers are small four port routers designed to optimize the use of DSL or Cable connections. EtherFast routers provide advanced features such as Network Address Translation, and DHCP Serving.

EtherFast routers store the ISP and router login passwords in HTML configuration files. These passwords may be extracted by visiting the administrative interface of the router and viewing the HTML source. Additionally, when accessed by the administrator, the information is sent over the network in plain text. This makes it possible to sniff the passwords during transit.


 

Privacy Statement
Copyright 2010, SecurityFocus