vendor:
ADSL R5000UNv2
by:
SebastiƔn Magof
7,5
CVSS
HIGH
Local
N/A
CWE
Product Name: ADSL R5000UNv2
Affected Version From: 2.00(R5TC008)
Affected Version To: 2.00(R5TC008)
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Linux Fedora 20/Windows 7
2014
Modem Nucom ADSL R5000UNv2 ISP credentials disclosure
This exploit discloses the ISP credentials of Modem Nucom ADSL R5000UNv2. The vulnerable file is guidewan.html located at http://gateway/telecom_GUI/guidewan.html. The bug is ISP usr+pwd disclosure. The exploit is written in Perl and uses LWP::UserAgent, HTTP::Request and MIME::Base64 modules.
Mitigation:
The user should update the modem to the latest version to mitigate this vulnerability.
