https://revspace.nl/RevelationSpace/NewsItem11x05x30x0 Summary: * http://192.168.0.237/downloadFile.php reveals secrets * http://192.168.0.237/BackupConfig.php reveals secrets * Included in the exposed secrets: root password and WPA2 keys * The PHPs do not require authentication * Vulnerable versions: 2.0.1, 2.0.9 (latest) -- Met vriendelijke groet, // Kind regards, // Korajn salutojn, Juerd Waalboer <juerd@tnx.nl> TNX _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/