[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Friendly-Tech FriendlyTR69 CPE Remote Management v2.8.9 SQL Injection

Author
Yaniv Miron
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-11240
Category
web applications
Date add
10-03-2010
Platform
unsorted
===================================================================================
Friendly-Tech FriendlyTR69 CPE Remote Management v2.8.9 SQL Injection Vulnerability
===================================================================================

=====================
I. BACKGROUND
=====================
Based on the company’s technical expertise and a decade of hands-on experience
in the telecom industry, Friendly’s solution is a ROBUST, SCALABLE, SECURED,
TELCO GRADE and COST-EFFECTIVE TR-069 solution.
The TR-069 protocol was accepted as the standard for CPE management by the
DSL, WiMAX, NGN / Optical network providers (some Cable operators are
deploying TR-069 as well).
 
Device Management & Auto Provisioning
 
Friendly’s TR-069 solution delivers comprehensive remote management and
auto-provisioning of CPEs that support the TR-069 standard - including modem/routers,
IPTV/ STBs, ATA/VoIP, storage devices, media centers, etc.
 
http://www.friendly-tech.com/remotemamagment.asp
 
=====================
II. DESCRIPTION
=====================
 
The Friendly-Tech FriendlyTR69 CPE Remote Management is prone to SQL injection attacks.
 
=====================
III. ANALYSIS
=====================
 
The vulnerability occurs due to insufficient sanitization of user-supplied data when logging onto the FriendlyTR69 CPE Remote Management.
 
Successful exploitation may result in an attacker obtaining admin access to the FriendlyTR69 CPE Remote Management.
 
=====================
IV. EXPLOIT
=====================
 
Username: ' or 1=1--
Password:  ' or 1=1--
 
=====================
V. DISCLOSURE TIMELINE
=====================
 
Jan 2009 Vulnerability Found
Jan 2009 Vendor Notification
March 2010 Public Disclosure



#  0day.today [2024-12-25]  #