ZTE ZXDSL 831 II - PPPOE Exploit

vendor:

ADSL Modem

by:

SuNHouSe2

7,5

CVSS

HIGH

Authentication Bypass

287

CWE

Product Name: ADSL Modem

Affected Version From: ZXDSL 831IIV7.5.0a_E09_OV

Affected Version To: ZXDSL 831IIV7.5.0a_E09_OV

Patch Exists: NO

Related CWE: N/A

CPE: h:zte:zxdsl_831_ii

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

ZTE ZXDSL 831 II – PPPOE Exploit

This exploit allows an attacker to bypass authentication and gain access to the configuration of the modem, and get PPPOE user & password. The attacker can access the modem by going to http://192.168.1.1/vpivci.cgi.

Mitigation:

Ensure that authentication is properly implemented and enforced.

Source

Exploit-DB raw data:

-----------------------------------------------------
    -->> Found By  SuNHouSe2 [ALGERIAN HaCkEr] <<--
           --> Made in "Maghnia City" (DZ) <--
          --> Contact : sunhouse2@yahoo.com <--
        --> Greetz to : His0k4 all my friends <--
          --> Good Ramadan to all muslims <--
-----------------------------------------------------

Exploit tested on modem with this informations :

ZTE CORPORATION

Date             : NOV 2008
Product          : ADSL Modem
Model            : ZXDSL 831 II --> http://www.geeksecurity.org/tsttte.JPG
Firmware Version : ZXDSL 831IIV7.5.0a_E09_OV
 
-----------------------------------------------------
Introduction:

This modem is used by many providers in the world like 
russia india and algeria [used by provider and all clients of "Easy ADSL"].

Exploit :
We can get access to  to configuration of the modem , and get PPPOE user & password.

Go only here
http://192.168.1.1/vpivci.cgi

A video uploaded to explain how we can use this exploit to get PPPOE sessions
with user & password

download video demonstration > 

http://www.geeksecurity.org/vid/zxdsl-exploit-2.rar

------------------------------------------------------

# milw0rm.com [2009-08-18]