Gigabyte Gn-B46B Wireless Router Authentication Bypass Vulnerability

Bugtraq ID:	9740
Class:	Origin Validation Error
CVE:	CVE-2004-0328
Remote:	Yes
Local:	No
Published:	Feb 24 2004 12:00AM
Updated:	Jul 12 2009 03:06AM
Credit:	Discovery of this vulnerability has been credited to "Rafel Ivgi, The-Insider" <[email protected]>.
Vulnerable:	Gigabyte Gn-B46B
Not Vulnerable:

Gigabyte Gn-B46B Wireless Router Authentication Bypass Vulnerability

Gigabyte Gn-B46B appliance has been reported prone to an authentication bypass vulnerability. It has been reported that an attacker may save the router HTML menu on a local machine, the attacker may then use this menu to access and configure an accessible router without requiring prior authentication.

Gigabyte Gn-B46B Wireless Router Authentication Bypass Vulnerability

There is no exploit required.

Gigabyte Gn-B46B Wireless Router Authentication Bypass Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.

Gigabyte Gn-B46B Wireless Router Authentication Bypass Vulnerability

References:

• GN-B46B Homepage (Gigabyte)
  
• Gigabyte Broadband Router - Multiple Vulnerabilities ("Rafel Ivgi, The-Insider" )