|
|
|
|
| |
| A security vulnerability have been found in authentication system of Belkin Wireless Routers, while administrator is authenticated, any user can view and change router's configuration. |
| |
Credit:
The information has been provided by Andrei Mikhailovsky.
|
| |
Vulnerable Systems:
* Belkin Wireless Router model F5D7232-4
* Belkin Wireless Router model F5D7230-4
* Firmware version 4.05.03
* Firmware version 4.03.03
(Previous firmware versions are also likely to be effected. Other Belkin wireless devices are likely to be vulnerable.)
While a legitimate device administrator is logged into the router's web management interface, any other user/attacker can access, view and change router's web configuration without authentication from any network address. This presents an opportunistic vector of attack on the device in question.
Workaround:
At the release time of this advisory, Belkin didn't have an update that solves the issue. It is advised to filter all requests to web administration interface of the device.
|
|
|
|
|
|
|
|
|
|
