Hawking HAR11A and HAR14A Router Unauthenticated Administrative Access

2004-10-26T11:08:24
ID OSVDB:11223
Type osvdb
Reporter Marcus Garvey(dartroller@mad.scientist.com)
Modified 2004-10-26T11:08:24

Description

Vulnerability Description

ADSL Modem Router HAR11A and 4-port ADSL Modem Router HAR14A contain a flaw that may allow an attacker to obtain access to the router's administrative interface. The issue is triggered when the attacker uses telnet to connect to port 23, 254, or 255. The flaw allows unauthorized access to the router's management interface resulting in a loss of confidentiality.

Solution Description

Upgrade to firmware version CX82xxx_4.1.0.21 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround(s): 1) Use the "Virtual Host" feature in the modem's browser interface to forward ports 23, 254, and 255 to a nonexistent host (such as "10.0.209.5"). This still allows access from the firewall side of the modem, however. 2) Put the modem into "bridge mode" and do all your NAT, PPPoE, and security from your linux firewall.

Short Description

ADSL Modem Router HAR11A and 4-port ADSL Modem Router HAR14A contain a flaw that may allow an attacker to obtain access to the router's administrative interface. The issue is triggered when the attacker uses telnet to connect to port 23, 254, or 255. The flaw allows unauthorized access to the router's management interface resulting in a loss of confidentiality.

References:

Vendor URL: http://www.hawkingtech.com/prodSpec.php?ProdID=182 Vendor Specific Solution URL: http://www.hawkingtech.com/images/drivers/HAR%20Firmware%20Upgrade%2010-29-04.zip Security Tracker: 1011948 Other Solution URL: http://www.securityfocus.com/bid/8855 Other Advisory URL: http://www.chiark.greenend.org.uk/~theom/security/origo.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-10/0276.html ISS X-Force ID: 17877 CVE-2004-1637 Bugtraq ID: 11543