Security Information and Review

Collection of security information and review

2Wire Gateway Password Reset Vulnerability

Author : Admin

On August 11, 2009, a vulnerability was reported in the 2Wire Modem Gateway. There is an authentication bypass vulnerability in the web administration interface that allows an attacker to set a new password even if a password was previously set.

 

2Wire is the leading provider of intelligent service delivery platforms for the DSL broadband market. Its flagship products include the award-winning HomePortal residential gateways, the first to allow broadband subscribers to connect to the high-speed Internet with an integrated DSL modem, network multiple devices in their home via Wi-Fi, Ethernet and HPNA (Home Phoneline Networking Alliance), protect every device on the network with a professional grade firewall, and access a variety of advanced broadband services.

 

2Wire’s gateways are distributed exclusively by the major DSL service providers, including SBC, BellSouth and BT plc. 2Wire helps its partners acquire subscribers and grow revenues by offering a range of broadband applications that can be delivered via its platforms, such as its Firewall Monitor, Parental Controls and Web Remote Access enhanced services. The company continues to invest in developing technologies that allow DSL service providers to offer a complete triple-play of data, voice and entertainment services.

 

This vulnerability affected the following 2Wire products: 2071 Gateway, 2Wire 1800HW and 2Wire 1701HG. The latest versions of 2Wire’s award-winning DSL product line feature a new hardware platform that helps to eliminate wireless ‘coldspots’ in the home, where users are unable to access the network. The new platform increases Wi-Fi reach and DSL performance, while still providing the ease of use and remote manageability that DSL service providers require.

 

There is an authentication bypass vulnerability in page=CD35_SETUP_01 that allows you to set a new password even if the password was previously set. By setting a new password with more than 512 characters, the password gets reset, and the next time you access the router you will be prompted for a new password. For example, see the following URL:

http://gateway.2wire.net/xslt?PAGE=CD35_SETUP_01_POST&password1=(..sample password ..)&password2=(..sample password..)

Mohamad Widodo
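A detection check for the request described above, as an added example that is not part of the original post: it scans proxy or web access logs for requests to the CD35_SETUP_01_POST page and flags those whose password parameters exceed 512 characters. The Common Log Format layout, the sample log lines, and the function names are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

RESET_PAGE = "CD35_SETUP_01_POST"   # page name from the URL in the write-up
LENGTH_THRESHOLD = 512              # "more than 512 characters" per the write-up

# Assumed layout: Common Log Format, request line in double quotes.
REQUEST_RE = re.compile(r'^(?P<client>\S+) .*?"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')

# Constructed sample lines (addresses, timestamps and EXAMPLE_PAGE are made up).
SAMPLE_LOG = [
    '192.168.1.64 - - [11/Aug/2009:10:00:01 +0000] "GET /xslt?PAGE=EXAMPLE_PAGE HTTP/1.1" 200 5120',
    '192.168.1.70 - - [11/Aug/2009:10:02:13 +0000] "GET /xslt?page=cd35_setup_01_post'
    '&password1=Example1&password2=Example1 HTTP/1.1" 200 312',
    '192.168.1.99 - - [11/Aug/2009:10:05:40 +0000] "GET http://gateway.2wire.net/xslt'
    '?PAGE=CD35_SETUP_01_POST&password1=' + "A" * 600 + '&password2=' + "A" * 600
    + ' HTTP/1.1" 200 312',
]

def classify(line):
    """Return None, or (client, severity, longest_password_length)."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))      # handles origin-form and absolute-form targets
    if not parts.path.lower().endswith("/xslt"):
        return None
    # Compare names case-insensitively: the write-up shows both page= and PAGE=.
    params = {k.lower(): v for k, v in
              parse_qs(parts.query, keep_blank_values=True).items()}
    if RESET_PAGE not in (p.upper() for p in params.get("page", [])):
        return None
    longest = max((len(v) for name in ("password1", "password2")
                   for v in params.get(name, [])), default=0)
    severity = "reset-attempt" if longest > LENGTH_THRESHOLD else "password-change"
    return m.group("client"), severity, longest

def scan(lines):
    """Classify every line and keep only the hits."""
    return [hit for hit in map(classify, lines) if hit]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Only requests that carry the parameters in the query string, as in the URL above, are visible to this check; parameters sent in a request body do not appear in access logs.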


Categories: device security
Reno :
Great article, thanks for providing this kind of information...
4 July 10 at 11:38