Full Disclosure mailing list archives
Re: [GTA-2014-01] - Allied Telesis AT-RG634A ADSL Broadband router hidden administrative unauthenticated webshell.
From: Daniel Miller <bonsaiviking () gmail com>
Date: Wed, 26 Mar 2014 13:04:06 -0500
On 03/26/2014 08:39 AM, Groundworks Technologies Advisories Team wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 *Title:* Allied Telesis AT-RG634A ADSL Broadband router hidden administrative unauthenticated webshell. *Vulnerability Information:* - - CVE: CVE-2014-1982 - - Type of Vulnerability: - CWE-78 : OS Command Injection - CWE-306 : Missing Authentication for Critical Function
This Is Just To Say I have exploited the backdoor that was in the modem and which you were probably saving for debugging Forgive me it was delicious so sweet and so privileged Apologies to William Carlos Williams _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- [GTA-2014-01] - Allied Telesis AT-RG634A ADSL Broadband router hidden administrative unauthenticated webshell. Groundworks Technologies Advisories Team (Mar 26)
- Re: [GTA-2014-01] - Allied Telesis AT-RG634A ADSL Broadband router hidden administrative unauthenticated webshell. Daniel Miller (Mar 26)