https://revspace.nl/RevelationSpace/NewsItem11x05x30x0
Summary:
* http://192.168.0.237/downloadFile.php reveals secrets
* http://192.168.0.237/BackupConfig.php reveals secrets
* Included in the exposed secrets: root password and WPA2 keys
* The PHPs do not require authentication
* Vulnerable versions: 2.0.1, 2.0.9 (latest)
--
Met vriendelijke groet, // Kind regards, // Korajn salutojn,
Juerd Waalboer <juerd@tnx.nl>
TNX
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
