3Com OfficeConnect Wireless Cable/DSL Router Authentication Bypass

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : 3Com OfficeConnect Wireless Cable/DSL Router Authentication Bypass
# Published : 2009-02-09
# Author : ikki
# Previous Title : ProFTPd with mod_mysql Authentication Bypass Vulnerability
# Next Title : ZeroShell <= 1.0beta11 Remote Code Execution Vulnerability

==================================================== 
3Com OfficeConnect Wireless Cable/DSL Router Authentication Bypass

Original Advisory: 
http://www.ikkisoft.com/stuff/LC-2008-05.txt

luca.carettoni[at]ikkisoft[dot]com
==================================================== 

An unauthenticated user may directly invoke the "SaveCfgFile" CGI program and 
easily download the system configuration containing configuration information, 
users, passwords, wifi keys and other sensitive information.

http://<IP>/SaveCfgFile.cgi

# www.Syue.com [2009-02-09]