JVN#13159997 Multiple I-O DATA DEVICE wireless LAN routers default configuration does not set authentication

2008-03-18T00:00:00
ID JVN:13159997
Type jvn
Reporter Japan Vulnerability Notes
Modified 2008-07-17T00:00:00

Description

## Description

The authentication for the web administration interface for the WN-APG/R-Series and WN-WAPG/R-Series wireless LAN routers from I-O DATA DEVICE is disabled in the default configuration. This vulnerability may allow a remote attacker to access the web administration interface without authentication.

## Impact

A remote attacker could change the configuration of vulnerable routers or obtain configuration information.

## Solution

Update the Software
Update to the latest firmware provided by the vendor.
For more information, refer to the vendor's website.

Change the Setting
For more information, refer to the vendor's website.

## Products Affected

  • WN-APG/R firmware version 1.05J/W and earlier
  • WN-APG/R-S firmware version 1.05J/W and earlier
  • WN-WAPG/R firmware version 2.04 and earlier
  • WN-WAPG/R-S firmware version 2.04 and earlier