Gửi #82696: BDCOM 1704-WGL BACKUP FILE /PARAM.FILE.TGZ INFORMATION DISCLOSUREthông tin

tiêu đềBDCOM 1704-WGL BACKUP FILE /PARAM.FILE.TGZ INFORMATION DISCLOSURE
Mô tảThe vulnerability affects BDCOM 1704-WGL devices with firmware version BDCOM(1704-WGL)EN-V2.0.6314, 2014.09.16 14:59. To reproduce, access one of the targets available in shodan (link below) and enter the path /param.file.tgz right after the link. Like for example http://x.x.x.x:8080/param.file.tgz. It will start downloading a file and inside it contains the credentials. They follow the pattern in which the word "guest" always comes, right after it comes a number, then a random character and finally, the user and password to log in to the device Demonstration: guest   4   € admin   intel98eood In this case, the username and password are User: admin Password: intel98eood Shodan Link: https://www.shodan.io/search?query=%22Server%3A+HTTP+Software+1.1%22+HTTP%2F1.1+BDCOM Shodan Dork: "Server: HTTP Software 1.1" HTTP/1.1 BDCOM
Nguồn⚠️ http://x.x.x.x:8080/param.file.tgz
Người dùng
 c4ng4c3ir0 (UID 38456)
Đệ trình02/02/2023 21:39 (cách đây 3 những năm)
Kiểm duyệt03/02/2023 14:03 (16 hours later)
Trạng tháiđược chấp nhận
Mục VulDB220101 [BDCOM 1704-WGL 2.0.6314 Backup File /param.file.tgz tiết lộ thông tin]
điểm17

TrướcTổng QuanTiếp theo

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!