Logitec Multiple LAN-W300N Products Security Bypass Vulnerability
BID:53685
Info
Logitec Multiple LAN-W300N Products Security Bypass Vulnerability
| Bugtraq ID: | 53685 |
| Class: | Access Validation Error |
| CVE: |
CVE-2012-1250 |
| Remote: | Yes |
| Local: | No |
| Published: | May 25 2012 12:00AM |
| Updated: | May 25 2012 12:00AM |
| Credit: | Jin Sawada, Keisuke Okazaki, and Naoto Katsumi of Security Engineering Laboratory, IT Security Center(ISEC) |
| Vulnerable: |
Logitec LAN-W300N/RU2 firmware 2.17 Logitec LAN-W300N/RS firmware 2.17 Logitec LAN-W300N/R firmware 2.17 |
| Not Vulnerable: | |
Discussion
Logitec Multiple LAN-W300N Products Security Bypass Vulnerability
Multiple Logitec LAN-W300N products are prone to a security-bypass vulnerability.
Exploiting this issue could allow an attacker to bypass certain security restrictions, to gain administrative privileges, to manipulate certain settings, or to disclose PPPoE credentials.
Multiple Logitec LAN-W300N products are prone to a security-bypass vulnerability.
Exploiting this issue could allow an attacker to bypass certain security restrictions, to gain administrative privileges, to manipulate certain settings, or to disclose PPPoE credentials.
Exploit / POC
Logitec Multiple LAN-W300N Products Security Bypass Vulnerability
Currently we are not aware of any exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Logitec Multiple LAN-W300N Products Security Bypass Vulnerability
Solution:
Updates are available; please see the references for more information.
Solution:
Updates are available; please see the references for more information.
References
Logitec Multiple LAN-W300N Products Security Bypass Vulnerability
References:
References:
- LAN-W300N Changelog (Logitec)
- Logitec Homepage (Logitec)
- JVNDB-2012-000051-Logitec LAN-W300N/R series fails to restrict access permission (IPA)
- Logitec LAN-W300N/R series fails to restrict access permissions (JPCERT/CC and IPA)