 gaforcesUnited We Stand, Divided We Fall
join:2002-04-07
Santa Cruz, CA | Change your router password! I read about this a couple months ago in the security forum.
One of the members had a proof of concept linked there.
This only affects routers with the default password.
--
There is no greater sign of a general decay of virtue in a nation, than a want of zeal in its inhabitants for the good of their country. ~ Joseph Addison |
|
 Doctor FourMy other vehicle is a TARDISPremium
join:2000-09-05
Dallas, TX | Or how about those with no password at all? The 2-Wire
3800HGV-B, which comes with all AT&T U-Verse installations
as the RG (Residential Gateway) has no password securing
settings at all by default. It is up to the user to go
into the configuration and change that, but I'll bet many
people don't even bother.
--
"The trouble with computers, of course, is that they are very sophisticated idiots." - Doctor Who (from Robot)
|
|
| Update them? |
|
| reply to Doctor Four
The most recent firmware upgrade that AT&T is pushing out forces the password on and will not let the user disable it. |
|
|
|
| reply to gaforces
I did as well. Credit where credit's due-- there are several examples available of these types of vulnerabilities located at the following link:
»www.gnucitizen.org/projects/rout···allenge/
Just do a search in the page for 'setup_dns' and you will find some examples of vulnerable cgi's he is talking about. |
|
