THOMSON TG585n (user.ini) Arbitrary Download Vulnerability - exploit.company

vendor:

TG585n

by:

AnTi SeCuRe

8.8

CVSS

HIGH

Arbitrary Download Vulnerability

200

CWE

Product Name: TG585n

Affected Version From: 7.4.3.2

Affected Version To: 7.4.3.2

Patch Exists: YES

Related CWE: CVE-2009-3286

CPE: h:thomson:tg585n

Metasploit: https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2009-1692/, https://www.rapid7.com/db/vulnerabilities/vmsa-2010-0009-1-service-console-update-cve-2009-3286/, https://www.rapid7.com/db/vulnerabilities/suse-cve-2009-3286/, https://www.rapid7.com/db/vulnerabilities/centos_linux-cve-2009-3286/

Other Scripts: https://www.infosecmatter.com/nessus-plugin-library/?id=42358, https://www.infosecmatter.com/nessus-plugin-library/?id=79470, https://www.infosecmatter.com/nessus-plugin-library/?id=44993, https://www.infosecmatter.com/nessus-plugin-library/?id=67068, https://www.infosecmatter.com/nessus-plugin-library/?id=65044, https://www.infosecmatter.com/nessus-plugin-library/?id=89737, https://www.infosecmatter.com/nessus-plugin-library/?id=44794, https://www.infosecmatter.com/nessus-plugin-library/?id=44780, https://www.infosecmatter.com/nessus-plugin-library/?id=89740, https://www.infosecmatter.com/nessus-plugin-library/?id=42990

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: None

2009

THOMSON TG585n (user.ini) Arbitrary Download Vulnerability

A vulnerability in the Thomson TG585n router allows an attacker to download the user.ini file without authentication. This file contains the username and password of the router, which can be used to gain access to the router's web interface.

Mitigation:

Upgrade to the latest version of the router's firmware.

Source

Exploit-DB raw data: