[OWASP-Bangalore] BSNL Modems Exploit
aryavalli gandhi
gandhiasrn at yahoo.com
Fri Aug 28 14:36:42 EDT 2009
Interesting...I tried this ..
Its better to inform BSNL.
--- On Fri, 8/28/09, PraKash <prakash2757 at gmail.com> wrote:
> From: PraKash <prakash2757 at gmail.com>
> Subject: [OWASP-Bangalore] BSNL Modems Exploit
> To: null-co-in at googlegroups.com, owasp-bangalore at lists.owasp.org
> Date: Friday, August 28, 2009, 8:25 PM
> Just got hand of it, thought of sharing with
> you all.
>
> As per my knowledge, BSNL India gives 80 % of
> users ZTE modems. Specifically - ZXDSL 831 II.
>
>
>
> here are few
> exploits out on wild.. watch out.
>
>
>
> Change Admin
> Password & get full access to the modem
>
> http://192.168.1.1/adminpasswd.cgi
>
>
>
> URL Below gives
> access to configuration of the modem and you can get PPPOE
> user & password with any Asterisk Password
> Revealers
>
>
>
> http://192.168.1.1/vpivci.cgi
>
>
>
> Is anyone
> aware at BSNL or informed them ? If they dont push a
> firmware update (Hope they do) there are lakhs of Indian
> users at risk.
>
>
>
> If you are BSNL
> User with this modem, watch out.
>
>
>
> -
> Prakash
>
>
>
>
> -----Inline Attachment Follows-----
>
> _______________________________________________
> OWASP-Bangalore mailing list
> OWASP-Bangalore at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-bangalore
>
More information about the OWASP-Bangalore
mailing list