SpeedStream 5200 Authentication Bypass

vendor:

NetPort Software 1.1

by:

hkm

8.8

CVSS

HIGH

Authentication Bypass

287

CWE

Product Name: NetPort Software 1.1

Affected Version From: NetPort Software 1.1

Affected Version To: NetPort Software 1.1

Patch Exists: YES

Related CWE: N/A

CPE: a:netport_software:netport_software_1.1

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2008

SpeedStream 5200 Authentication Bypass

It is possible to bypass authentication by modifying the Host header. If you use a Host that is not the authentic one it will not require authentication. http://189.255.255.255./ would bypass authentication too. http://189.255.255.255./x.cfg downloads the full router configuration.

Mitigation:

Ensure that authentication is required for all requests.

Source

Exploit-DB raw data:

######################################################################################

 SpeedStream 5200 Authentication Bypass - hkm 12/10/2008
 (Server: NetPort Software 1.1)

 It is posible to bypass authentication by modifying the Host header.
 If you use a Host that is not the authentic one it will not require authentication.

 http://189.255.255.255./          -  This would bypass authentication too.
 http://189.255.255.255./x.cfg     -  This downloads the full router conifguration.


 hkm [ @ ] hakim.ws
______________________________________________________________________________________
######################################################################################

# milw0rm.com [2008-11-07]