Aztech Modem Routers - Session Hijacking

source: https://www.securityfocus.com/bid/69811/info Multiple Aztech Modem Routers are prone to a session-hijacking vulnerability. An attacker can exploit this issue to gain unauthorized access to the affected device. !/usr/bin/perl Title: Aztech Modem Broken Session Management Exploit Author: Er...

Aztech Modem Routers - Information Disclosure

/ source: https://www.securityfocus.com/bid/69808/info Aztech Modem Routers are prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. / HOST=$1 PORT=$2 PARM1="\x48\x6f\x73\x74\x3a\x20"...

Arris DG950A Cable Modem Wifi Enumeration

This module will extract WEP keys and WPA preshared keys from Arris DG950A cable modems. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Arris DG950A Cable Modem Wifi Enumeration', 'Description...

CVE-2014-4862

The Netmaster CBW700N cable modem with software 81.447.392110.729.024 has an SNMP community of public, which allows remote attackers to obtain sensitive credential, key, and SSID information via an SNMP request...

CVE-2014-4863

The Arris Touchstone DG950A cable modem with software 7.10.131 has an SNMP community of public, which allows remote attackers to obtain sensitive password, key, and SSID information via an SNMP request...

Design/Logic Flaw

The Netmaster CBW700N cable modem with software 81.447.392110.729.024 has an SNMP community of public, which allows remote attackers to obtain sensitive credential, key, and SSID information via an SNMP request...

CVE-2014-4862

The Netmaster CBW700N cable modem with software 81.447.392110.729.024 has an SNMP community of public, which allows remote attackers to obtain sensitive credential, key, and SSID information via an SNMP request...

CVE-2014-4863

The Arris Touchstone DG950A cable modem with software 7.10.131 has an SNMP community of public, which allows remote attackers to obtain sensitive password, key, and SSID information via an SNMP request...

CVE-2014-4863

CVE-2014-4863 affects the Arris Touchstone DG950A cable modem (software 7.10.131). Public SNMP community access (SNMP community: public) enables reading sensitive information, including passwords, keys, and SSIDs, via SNMP requests. Connected documents corroborate: a Metasploit auxiliary module t...

CVE-2014-4862

CVE-2014-4862 affects Netmaster CBW700N modems; CVE-2014-4863 affects Arris Touchstone DG950A modems. Both involve SNMP public community leaking sensitive data (passwords, keys, SSIDs) via SNMP requests. Publicly available details confirm exposure of credentials and wireless keys; DG950A document...

ARRIS / Motorola SBG6580 Cable Modem SNMP Enumeration Module

This module allows SNMP enumeration of the ARRIS / Motorola SURFboard SBG6580 Series Wi-Fi Cable Modem Gateway. It supports the username and password for the device user interface as well as wireless network keys and information. The default community used is "public". This module requires...

[SECURITY] Fedora 19 Update: ppp-2.4.5-33.fc19

The ppp package contains the PPP Point-to-Point Protocol daemon and documentation for PPP support. The PPP protocol provides a method for transmitting datagrams over serial point-to-point links. PPP is usually used to dial in to an ISP Internet Service Provider or other organization over a modem...

Netmaster Wireless Cable Modem Password Disclosure

The remote Netmaster Wireless Cable Modem is prone to a security-bypass vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if...

Datum Systems Satellite Modem Multiple Vulnerabilities

Datum Systems Satellite Modem is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 20 Update: minimodem-0.19-3.fc20

Minimodem is a command-line program which decodes or generates audio modem tones at any specified baud rate, using various framing protocols. It acts a general-purpose software FSK modem, and includes support for various standa rd FSK protocols such as Bell103, Bell202, RTTY, NOAA SAME, and...

CVE-2014-2968

CVE-2014-2968 is a stored cross-site scripting (XSS) vulnerability in the Huawei E355 series web interface. The issue affects the CH1E355SM device with software 21.157.37.01.910 and Web UI 11.001.08.00.03, allowing an attacker to inject arbitrary script or HTML via an SMS message when interacting...

MTS MBlaze 3G Wi-Fi Modem Data Theft / Modification

Author: Ajin Abraham - xboz http://opensecurity.in Product MTS MBlaze 3G Wi-Fi Modem System Version 107 Manufacturer ZTE Model AC3633 import requests import os import urllib2 print "MTS MBlaze Ultra Wi-Fi / ZTE AC3633 Exploit" print "Vulnerabilities" print "Login Bypass | Router Credential Steali...

MTS MBlaze Ultra Wi-Fi ZTE AC3633 - Multiple Vulnerabilities

MTS MBlaze Ultra Wi-Fi ZTE AC3633 - Multiple Vulnerabilities Author: Ajin Abraham - xboz http://opensecurity.in Product MTS MBlaze 3G Wi-Fi Modem System Version 107 Manufacturer ZTE Model AC3633 import requests import os import urllib2 print "MTS MBlaze Ultra Wi-Fi / ZTE AC3633 Exploit" print...

Cisco Addresses Wireless Residential Gateway Vulnerability

Cisco has released an advisory to address a vulnerability in the web server used in multiple Wireless Residential Gateway products that could allow an unauthenticated, remote attacker to crash the web server and execute arbitrary code with elevated privileges. Cisco products affected by this...

Datum Systems satellite modem devices contain multiple vulnerabilities

Overview Datum Systems PSM-4500 and PSM-500 series satellite modem devices contain multiple vulnerabilities Description CWE-220:Sensitive Data Under FTP Root - CVE-2014-2950The Datum Systems SnIP operating system on PSM-4500 and PSM-500 satellite modem devices has FTP enabled by default with no...