Humax Digital HG100R multiple vulnerabilities Device: Humax HG100R Software Version: VER 2.0.6 - Backup file download (CVE-2017-7315) An issue was discovered on Humax Digital HG100R 2.0.6 devices, a modem commonly used by ISPs to provide ADSL internet service to household and small business users. (CHECA ESSA INFO) To download the backup file it's not required the use of credentials or any authentication, and the router credentials are stored in plaintext inside the backup. PoC wget http://ift.tt/2svtxnv strings GatewaySettings.bin | grep -A 1 admin
Source: Gmail -> IFTTT-> Blogger
No comments:
Post a Comment