The following advisory describes an information disclosure vulnerability found in Geneko Routers version 3.18.21
Geneko GWG is “compact and cost effective communications solution that provides cellular capabilities for fixed and mobile applications such as data acquisition, smart metering, remote monitoring and management. GWG supports a variety of radio bands options on 2G, 3G and 4G cellular technologies.”
An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.
We tried to contact Geneko since August 2 2017, repeated attempts to establish contact went unanswered. At this time there is no solution or workaround for these vulnerabilities.
If the administrator has previously backed up the configuration file, then the attacker can access
And get the configuration file with the admin password.