header-logo
Suggest Exploit
vendor:
3CRADSL72
by:
7.5
CVSS
HIGH
Information Disclosure, Authentication Bypass
CWE
Product Name: 3CRADSL72
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE: 3com:3cradsl72
Metasploit:
Other Scripts:
Platforms Tested:

3Com 3CRADSL72 Information Disclosure and Authentication Bypass Vulnerabilities

The vulnerabilities in 3Com 3CRADSL72 allow remote attackers to disclose sensitive information and bypass authentication. This can lead to the disclosure of router name, primary and secondary DNS servers, default gateway, and even gaining administrative access to the router. These vulnerabilities can be exploited to launch further attacks against the device and other users on the vulnerable network.

Mitigation:

No official mitigation or remediation steps provided.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/11408/info

3Com 3CRADSL72 is reported prone to an information disclosure, and an authentication bypass vulnerability. This issue can allow a remote attacker to disclose sensitive information such as the router name, primary and secondary DNS servers, default gateway. Attackers could also reportedly gain administrative access to the router.

If successful, these vulnerabilities can be used to the launch of other attacks against the device and other users on the vulnerable network.

http://www.example.com/app_sta.stm

Navigation

Suggest Exploit

Services By CQR