[OWASP-Bangalore] BSNL Modems Exploit

aryavalli gandhi gandhiasrn at yahoo.com
Fri Aug 28 14:36:42 EDT 2009


Interesting...I tried this ..

Its better to inform BSNL.

--- On Fri, 8/28/09, PraKash <prakash2757 at gmail.com> wrote:

> From: PraKash <prakash2757 at gmail.com>
> Subject: [OWASP-Bangalore] BSNL Modems Exploit
> To: null-co-in at googlegroups.com, owasp-bangalore at lists.owasp.org
> Date: Friday, August 28, 2009, 8:25 PM
> Just got hand of it, thought of sharing with
> you all.
> 
> As per my knowledge, BSNL India gives 80 % of
> users ZTE modems. Specifically - ZXDSL 831 II.
> 
> 
> 
> here are few
> exploits out on wild.. watch out.
> 
> 
> 
> Change Admin
> Password & get full access to the modem
> 
> http://192.168.1.1/adminpasswd.cgi
> 
> 
> 
> URL Below gives
> access to configuration of the modem and you can get PPPOE
> user & password with any Asterisk Password
> Revealers
> 
> 
> 
> http://192.168.1.1/vpivci.cgi
> 
> 
> 
> Is anyone
> aware at BSNL or informed them ? If they dont push a
> firmware update (Hope they do) there are lakhs of Indian
> users at risk. 
> 
> 
> 
> If you are BSNL
> User with this modem, watch out.
> 
> 
> 
> -
> Prakash
> 
> 
> 
> 
> -----Inline Attachment Follows-----
> 
> _______________________________________________
> OWASP-Bangalore mailing list
> OWASP-Bangalore at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-bangalore
> 


      


More information about the OWASP-Bangalore mailing list