0day.today - Biggest Exploit Database in the World.
Things you should know about 0day.today:
Administration of this site uses the official contacts. Beware of impostors!
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn GOLD
Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!
Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Comtrend CT 5361T Password Disclosure Vulnerability
[+] Author: TUNISIAN CYBER [+] Exploit Title: Comtrend CT 5361T Password Disclosure Vulnerability [+] Date: 07-04-2014 [+] Category: WebApp [+] Tested on: Windows 7 Pro [+] Vendor: http://www.comtrend.com/ [+] Product: http://www.comtrend.com/cgi-bin/na/db-searchn.cgi?template=proview1.htm&dbname=product&key2=32&action=searchdbdisplay [+] Friendly Sites: na3il.com,th3-creative.com 1.OVERVIEW: WiFi router Comtrend CT 5361T suffers from a Password Disclosure Vulnerability 2.Version: CT 5361T (more likely CT CT 536X) Software Version: A111-312SSG-T02_R01 Wireless Driver Version: 4.150.10.15.cpe2.2 3.Background: The CT-5361T is an 802.11g (54Mbps) Wireless and Wired ADSL2+ router. Four 10/100 Base-T Ethernet ports and an optional USB port and an integrated 802.11g WiFi WLAN Access Point (AP) provide with wired LAN connectivity and wireless connectivity separately. The CT-5361T ADSL2+ router also provides for state of the art security features such as WPA data encryption, Firewall and VPN pass through. The CT-5361T is designed for both residential and business applications that require wireless and wired connectivity to an ADSL broadband network. The CT-5361T supports up to 16 contiguous virtual connections allowing for multiple simultaneous Internet connections. The CT-5361T is also designed with TR-068 compliant color panel and LED indicators, which eases the installation of the modem and makes it more user-friendly. 4.Proof Of Concept: The attacker can access to "password.cgi" without authentication, when he opens the page source he could fetch the Panel password 1) http://i.imgur.com/uHumx1J.png 2) http://i.imgur.com/CG6HFOY.png pwdUser = 'dXNlcg=='; dXNlcg== Base64 ===> user Username: user Password: user Also the root access: Y3RBZG1pbg== Base64= ctAdmin(the default one because as you can see in the photo i've changed it) Username: root Password: ctAdmin 3)http://i.imgur.com/J0k9Dvl.png 4)http://i.imgur.com/QP7L3TK.png 5.Solution(s): NOT FIXED Change Router 6.TIME-LINE: 07-04-2014: Vulnerability was discovered. 07-04-2014: Contact With the vendor. 07-04-2014: Contact With ISP. 08-04-2014: No reply from the vendor neither the ISP. 09-04-2014: No reply from the vendor neither the ISP. 10-04-2014: No Reply 11-04-2014: Vulnerability Published ..... .... ..... 7.Greetings: Xmax-tn Xtech-set N43il Sec4ver,E4A Members # 0day.today [2024-12-24] #