T-Com Speedport 500V 'LogInKey' Cookie Parameter Authentication Bypass Vulnerability
BID:22160
Info
T-Com Speedport 500V 'LogInKey' Cookie Parameter Authentication Bypass Vulnerability
| Bugtraq ID: | 22160 |
| Class: | Access Validation Error |
| CVE: |
CVE-2007-0435 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 22 2007 12:00AM |
| Updated: | May 12 2015 07:35PM |
| Credit: | Virginity is credited with the discovery of this vulnerability. |
| Vulnerable: |
T-Com Speedport W500V 1.30 (firmware) T-Com Speedport 500V 1.31 (firmware) mod500 Targa WR500 VoIP mod500 (firmware) mod500 Speedport W500V mod500 (firmware) mod500 Speedport 500V mod500 (firmware) |
| Not Vulnerable: | |
Discussion
T-Com Speedport 500V 'LogInKey' Cookie Parameter Authentication Bypass Vulnerability
T-Com Speedport is prone to a vulnerability that allows attackers to bypass the firmware's authentication mechanism.
Exploiting this issue allows attackers to gain unauthorized access to the device's administration interface. This can result in the compromise of the device and may facilitate attacks against computers connected to the device.
T-Com Speed 500V with Firmware version 1.31 is vulnerable; other versions may also be affected.
T-Com Speedport is prone to a vulnerability that allows attackers to bypass the firmware's authentication mechanism.
Exploiting this issue allows attackers to gain unauthorized access to the device's administration interface. This can result in the compromise of the device and may facilitate attacks against computers connected to the device.
T-Com Speed 500V with Firmware version 1.31 is vulnerable; other versions may also be affected.
Exploit / POC
T-Com Speedport 500V 'LogInKey' Cookie Parameter Authentication Bypass Vulnerability
An attacker can exploit this issue via a web client.
An attacker can exploit this issue via a web client.
Solution / Fix
T-Com Speedport 500V 'LogInKey' Cookie Parameter Authentication Bypass Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
T-Com Speedport 500V 'LogInKey' Cookie Parameter Authentication Bypass Vulnerability
References:
References:
- Speedport 500V Product Page (T-Com)
- Virginity Security Advisory 2007-001 : T-Com Speedport 500V Login bypass (Virginity)
- Re: Virginity Security Advisory 2007-001 : T-Com Speedport 500V Login bypass ([email protected])
- Re: Virginity Security Advisory 2007-001 : T-Com Speedport 500V Login bypass ([email protected])