dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
2
share rss forum feed


koolkid1563
Premium,MVM
join:2005-11-06
Powell, WY

1 edit
reply to bjparker

Re: 2Wire Cross Site Request Forgery Vulnerability

Be sure that you are changing the actual address of the 2wire and not just trying to go to it. On mine, that is on this page (using the default IP anyways): »192.168.1.254/xslt?PAGE=C06

Just out of curiosity, which program is it that you were referring to?

bjparker

join:2004-09-13
England
said by koolkid1563:

Be sure that you are changing the actual address of the 2wire and not just trying to go to it. On mine, that is on this page (using the default IP anyways): »192.168.1.254/xslt?PAGE=C06

Just out of curiosity, which program is it that you were referring to?
Yes, I have changed it and checked with ipconfig.

No, I'm not going to post the number in public, or even in private unless someone proves to me thay are a network security professional. Sorry!

I still don't fully understand the implications of what I've discovered.


NetFixer
Freedom is NOT Free
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage
Are you sure that the mystery application is not simply using the hostname gateway.2wire.net instead of a hard coded IP address? If you are using the 2wire router for DNS resolution, that hostname will always resolve to the current IP address for the router.

Of course since you refuse to provide any details, any answer will simply be a wild guess.
--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander.
Test your firewall.