
NB 1300 modem/router password remotely accessible
16th Apr 2003 [SBWID-6154]
COMMAND

	NB 1300 modem/router password remotely accessible

SYSTEMS AFFECTED

	NB 1300 modem/router, all known firmware versions

PROBLEM

	denote [denote(at)freemail(dot)com(dot)au] found the following:
	
	The NB1300 has by default the FTP server (VxWorks (5.4.1)) exposed to
	the WAN interface. The default password is often not changed by the
	user.
	
	User: admin Password: password
	
	
	When a connection is made to the FTP server, the router's core system
	files are exposed to the admin account. Perform a simple "get config.reg"
	and the username and password of the account are given in clear text.
	
	 Impact
	 ======
	
	1. The username and password may be used to access the user's account
	details, collect their email, use the data available to them, etc.
	
	2. (untested) The system files of the VxWorks (5.4.1) OS may be
	modified or deleted to impact a denial of service, rendering the device
	useless.

SOLUTION

	Disable FTP access on the WAN interface and/or change the admin account details.
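
	One way to confirm the fix from outside the LAN, as an added example that is not part of the original advisory: the script connects to the FTP port on the router's WAN address, reads the greeting if one is sent, and reports pass or fail. The function names and the script name are assumptions made for this example, and it only reads the greeting; it does not log in.

```python
import socket
import sys

def greeting_complete(data):
    """True once the reply ends with a final 'NNN text' line (RFC 959)."""
    lines = data.decode("latin-1").splitlines()
    return (data.endswith(b"\n") and bool(lines)
            and lines[-1][:3].isdigit() and lines[-1][3:4] == " ")

def read_ftp_greeting(sock):
    """Read the server greeting, following multi-line '220-' replies."""
    data = b""
    while not greeting_complete(data):
        chunk = sock.recv(1024)
        if not chunk:
            break
        data += chunk
    return data.decode("latin-1").strip()

def check_wan_ftp(host, port=21, timeout=5.0):
    """Classify the FTP exposure of host as seen from the caller's network."""
    result = {"state": "closed", "banner": ""}
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            result["state"] = "open"
            try:
                result["banner"] = read_ftp_greeting(sock)
            except socket.timeout:
                pass  # open but silent: still exposed
    except socket.timeout:
        result["state"] = "filtered"  # no answer: dropped by a filter
    except OSError:
        result["state"] = "closed"    # refused or unreachable
    return result

def verdict(result):
    """Pass/fail against the advisory's fix (FTP not reachable from WAN)."""
    if result["state"] != "open":
        return "PASS: FTP not reachable (%s)" % result["state"]
    if "vxworks" in result["banner"].lower():
        return "FAIL: VxWorks FTP server reachable: " + result["banner"]
    return "FAIL: a service answers on the FTP port: " + (result["banner"] or "<no banner>")

if __name__ == "__main__":
    # Usage: python check_wan_ftp.py <router WAN address>, run from outside the LAN.
    print(verdict(check_wan_ftp(sys.argv[1])))
```

	Run it from a host on the WAN side; a check made from inside the LAN does not show whether WAN access has been disabled.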
	
	
