Belkin 54G Wireless Router Multiple Vulnerabilities
BID:12846
Info
Belkin 54G Wireless Router Multiple Vulnerabilities
| Bugtraq ID: | 12846 |
| Class: | Design Error |
| CVE: |
CVE-2005-0833 CVE-2005-0834 CVE-2005-0835 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 18 2005 12:00AM |
| Updated: | Jul 12 2009 10:56AM |
| Credit: | Discovery of these vulnerabilities is credited to pureone <[email protected]>. |
| Vulnerable: |
Belkin 54G (F5D7130) |
| Not Vulnerable: | |
Discussion
Belkin 54G Wireless Router Multiple Vulnerabilities
The Belkin 54G (F5D7130) appliance is reported prone to multiple remote vulnerabilities. The following individual issues are reported:
It is reported that the Belkin 54G appliance transmits UPNP datagrams to the connected private network at regular intervals. Reports indicate that these datagrams contain a URI, this URI may be accessed by local network users without requiring authentication.
A remote attacker that resides on the local network segment connected to the affected appliance may exploit this vulnerability to disclose sensitive information.
It is reported that SNMP support is enabled on the affected appliance under a default configuration.
A remote attacker that resides on the local network segment connected to the affected appliance may exploit this vulnerability to disclose sensitive information.
Finally, it is reported that the SNMP service may be exploited to deny service for legitimate users.
A remote attacker that resides on the local network segment connected to the affected appliance may exploit this vulnerability to deny service for legitimate users.
The Belkin 54G (F5D7130) appliance is reported prone to multiple remote vulnerabilities. The following individual issues are reported:
It is reported that the Belkin 54G appliance transmits UPNP datagrams to the connected private network at regular intervals. Reports indicate that these datagrams contain a URI, this URI may be accessed by local network users without requiring authentication.
A remote attacker that resides on the local network segment connected to the affected appliance may exploit this vulnerability to disclose sensitive information.
It is reported that SNMP support is enabled on the affected appliance under a default configuration.
A remote attacker that resides on the local network segment connected to the affected appliance may exploit this vulnerability to disclose sensitive information.
Finally, it is reported that the SNMP service may be exploited to deny service for legitimate users.
A remote attacker that resides on the local network segment connected to the affected appliance may exploit this vulnerability to deny service for legitimate users.
Exploit / POC
Belkin 54G Wireless Router Multiple Vulnerabilities
No exploit is required.
No exploit is required.
Solution / Fix
Belkin 54G Wireless Router Multiple Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.