SSD Advisory – Coredy CX-E120 Repeater Multiple Vulnerabilities Full report: http://ift.tt/2BF3GiC Twitter: @SecuriTeam_SSD Weibo: SecuriTeam_SSD Vulnerabilities Summary The following advisory describes two (2) vulnerabilities found in Coredy CX-E120 Repeater. The Coredy CX-E120 WiFi Range Extender is “a network device with multifunction, which can be using for increasing the distance of a WiFi network by boosting the existing WiFi signal and enhancing the overall signal quality over long distances. An extender repeats the signals from an existing WiFi router or access point.” The vulnerabilities found are: Unauthenticated Root Password Reset Unauthenticated Remote Command Execution Credit An independent security researcher, Corben Douglas (@sxcurity), has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program Vendor response Coredy has released patches to address these vulnerabilities (WN575A3-A-RPTA3-75W.M4300.01.GD.2017Nov22-WEBC.bin). Vulnerabilities details Unauthenticated Root Password Reset An unauthenticated user is able to send a POST request to /cgi-bin/adm.cgi which can then be used to reset the root password with parameter page=sysAdm, username=, and the values of the new password: newpass= and confpass=. Remote Command Execution An unauthenticated user is able to send a POST request to /cgi-bin/adm.cgi with the following parameters: page=sysCMD, SystemCommandSubmit=Apply, and command= with the command you run to run. The input is passed as root cmd command for execution.
Source: Gmail -> IFTTT-> Blogger
2 comments:
Hi,
It seems coredytech is no longer making this patch available as
https://coredytech.com/data/driver/ex120/WN575A3-A-RPTA3-75W.M4300.01.GD.2017Nov22-WEBC.bin
gives an error message.
I am asking them but tech support does not seem to know where it may be. Do you know of an alternative site?
Thanks,
Paulo Goncalves
I managed to find it. All I can say is it did not fry my router and I can see an updated version after I installed. Use at your own risk
https://drive.google.com/file/d/1CAlddzm7h8FX8lXtKejfSh6ncFEBpz1E/view?usp=sharing
Post a Comment