[36117] in bugtraq
RE: NETGEAR DG834G SPECIAL FEATURES
daemon@ATHENA.MIT.EDU (Andre Lorbach)
Fri Aug 13 15:29:06 2004
MIME-Version: 1.0
Content-Type: text/plain;
charset="us-ascii"
Content-class: urn:content-classes:message
Date: Fri, 13 Aug 2004 12:22:46 +0200
Message-ID: <F1745A9F580ACD44BBA4BAC95A69F04F036DC7@rmail.adiscon.com>
From: "Andre Lorbach" <alorbach@ro1.adiscon.com>
To: <thanasonic@hack.gr>, <bugtraq@securityfocus.com>
Content-Transfer-Encoding: 8bit
> -----Original Message-----
> From: thanasonic@hack.gr [mailto:thanasonic@hack.gr]
>
> By opening http://192.168.0.1/setup.cgi?todo=debug you enable
> the router's debug mode.Then you just telnet at 192.168.0.1
> at port 23 and then you have a root shell.
>
> Also i found that if you just telnet to 192.168.0.1 2602 you
> will get a prompt from the service ZEBRA that is running on
> the router.By giving "zebra" as password *which is the
> default password* you got also a root shell.
Wow! That's exactly the router I have and these exploits work *fear*.
Fortunately, only on the local network, but they work!
With what Firmware version did you test? I still have 1.04 here.
Best regards,
Andre Lorbach
