[OWASP-Bangalore] BSNL Modems Exploit

PraKash prakash2757 at gmail.com
Fri Aug 28 10:55:46 EDT 2009


Just got hand of it, thought of sharing with you all.

As per my knowledge, BSNL India gives 80 % of users ZTE modems. Specifically
- ZXDSL 831 II.

here are few exploits out on wild.. watch out.

Change Admin Password & get full access to the modem

http://192.168.1.1/adminpasswd.cgi

URL Below gives access to configuration of the modem and you can get PPPOE
user & password with any Asterisk Password Revealers

http://192.168.1.1/vpivci.cgi

Is anyone aware at BSNL or informed them ? If they dont push a firmware
update (Hope they do) there are lakhs of Indian users at risk.

If you are BSNL User with this modem, watch out.

- Prakash
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-bangalore/attachments/20090828/07e685b4/attachment.html 


More information about the OWASP-Bangalore mailing list