Hawking HAR11A and HAR14A Router Unauthenticated Administrative Access
2004-10-26T11:08:24
ID OSVDB:11223 Type osvdb Reporter Marcus Garvey(dartroller@mad.scientist.com) Modified 2004-10-26T11:08:24
Vulnerability Description
ADSL Modem Router HAR11A and 4-port ADSL Modem Router HAR14A contain a flaw that may allow an attacker to obtain access to the router's administrative interface. The issue is triggered when the attacker uses telnet to connect to port 23, 254, or 255. The flaw allows unauthorized access to the router's management interface resulting in a loss of confidentiality.
Solution Description
Upgrade to firmware version CX82xxx_4.1.0.21 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround(s):
1) Use the "Virtual Host" feature in the modem's browser interface to forward ports 23, 254, and 255 to a nonexistent host (such as "10.0.209.5"). This still allows access from the firewall side of the modem, however.
2) Put the modem into "bridge mode" and do all your NAT, PPPoE, and security from your Linux firewall.
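Added example, not part of the OSVDB entry or of Hawking's firmware: with the modem in bridge mode (workaround 2), the Linux firewall is what stops WAN-side connections to ports 23, 254 and 255, and its netfilter LOG output is where attempts show up. The script below parses such log lines and counts new TCP connections arriving on the WAN interface (assumed here to be ppp0) for those three ports; the sample lines are constructed, not captured from a real device.

```python
from collections import Counter

# Ports the advisory says the HAR11A/HAR14A expose without authentication.
MGMT_PORTS = {23, 254, 255}

def parse_netfilter_line(line):
    """KEY=value fields of one netfilter LOG line, plus the bare flag tokens
    (DF, SYN, ACK ...) under "_flags". None for lines that are not from LOG."""
    start = line.find(" IN=")
    if start < 0:
        return None
    fields = {"_flags": set()}
    for tok in line[start:].split():
        if "=" in tok:
            key, value = tok.split("=", 1)
            fields[key] = value
        else:
            fields["_flags"].add(tok)
    return fields

def is_mgmt_probe(fields, wan_if):
    """A new TCP connection (SYN, no ACK) that arrived on the WAN interface and
    targets one of the management ports the advisory lists."""
    flags = fields["_flags"]
    if fields.get("IN") != wan_if or fields.get("PROTO") != "TCP":
        return False
    if "SYN" not in flags or "ACK" in flags:
        return False
    dpt = fields.get("DPT", "")
    return dpt.isdigit() and int(dpt) in MGMT_PORTS

def find_mgmt_probes(lines, wan_if="ppp0"):
    """Count inbound management-port connection attempts per (source IP, port)."""
    hits = Counter()
    for line in lines:
        fields = parse_netfilter_line(line)
        if fields is not None and is_mgmt_probe(fields, wan_if):
            hits[(fields["SRC"], int(fields["DPT"]))] += 1
    return hits

# Constructed sample lines in netfilter LOG format (not from a real device).
SAMPLE_LOG = [
    "Oct 26 11:08:24 fw kernel: WAN-IN IN=ppp0 OUT= SRC=203.0.113.7 DST=198.51.100.2 PROTO=TCP SPT=51234 DPT=254 SYN URGP=0",
    "Oct 26 11:08:25 fw kernel: WAN-IN IN=ppp0 OUT= SRC=203.0.113.7 DST=198.51.100.2 PROTO=TCP SPT=51235 DPT=23 SYN URGP=0",
    "Oct 26 11:08:26 fw kernel: WAN-IN IN=ppp0 OUT= SRC=198.51.100.99 DST=198.51.100.2 PROTO=TCP SPT=40000 DPT=255 SYN URGP=0",
    "Oct 26 11:08:27 fw kernel: WAN-IN IN=ppp0 OUT= SRC=198.51.100.99 DST=198.51.100.2 PROTO=TCP SPT=40001 DPT=80 SYN URGP=0",
    "Oct 26 11:08:28 fw kernel: LAN-IN IN=eth0 OUT= SRC=192.168.1.20 DST=192.168.1.1 PROTO=TCP SPT=33000 DPT=23 SYN URGP=0",
    "Oct 26 11:08:29 fw sshd[812]: Accepted publickey for admin from 192.168.1.20",
]
```

`find_mgmt_probes(SAMPLE_LOG)` returns a Counter keyed by (source IP, port); the LAN-side telnet line and the port-80 line are not counted, and the sshd line is skipped as a non-netfilter entry.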
References:
Vendor URL: http://www.hawkingtech.com/prodSpec.php?ProdID=182
Vendor Specific Solution URL: http://www.hawkingtech.com/images/drivers/HAR%20Firmware%20Upgrade%2010-29-04.zip
Security Tracker: 1011948
Other Solution URL: http://www.securityfocus.com/bid/8855
Other Advisory URL: http://www.chiark.greenend.org.uk/~theom/security/origo.html
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-10/0276.html
ISS X-Force ID: 17877
CVE ID: CVE-2004-1637
Bugtraq ID: 11543
Affected Software: ADSL Modem Router HAR11A, version ETHADSL_USB_080902_REL9P; 4-port ADSL Modem Router HAR14A, version ETHADSL_USB_080902_REL9P
CVSS v2 Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
NVD Description (CVE-2004-1637, CPE cpe:/h:hawking_technology:har11a_dsl_router:*): The Hawking Technologies HAR11A modem/router allows remote attackers to obtain sensitive information by connecting to port 254, which displays a management interface and information on established connections.