<<< Date Index >>>     <<< Thread Index >>>

Re: Authentication vulnerability in Belkin wireless devices



This is very odd, as we've reproduced this vulnerability on about 5
different F5D7230-4 with firmware 4.05.3 and 4.03.3, as well as on a few
of the F5D7232-4 routers with the same firmware.

This can't be a network specific setup issue, as we've tested this on
several unrelated networks from Linux and Windows operating systems
using Firefox and MS IE browsers.

Kind Regards,

On Wed, 2005-11-16 at 07:56 -0500, S.A.B.R.O. Net Security wrote:
> Hmmm... we were unable able to reproduce this vulnerability with one of our
> Belkin Wifi F5D7230-4 with firmware version 4.05.03
> 
> Once the admin has authenticated any other attempts to access the device 
> from
> any source (hardwire lan, wifi, remote) displays the following result :
> 
> Duplicate Administrator
> This device is managed by xxx.xxx.x.x currently!!
> 

-- 
Andrei Mikhailovsky
Arhont Ltd - Information Security

Web: http://www.arhont.com
     http://www.wi-foo.com
Tel: +44 (0)870 4431337
Fax: +44 (0)117 9690141
PGP: Key ID - 0x2B3438DE
PGP: Server - keyserver.pgp.com

Attachment: signature.asc
Description: This is a digitally signed message part