TUCoPS :: Network Appliances :: bt-21246.htm

Huawei D100 multiple flaws
Multiple Flaws in Huawei D100
Multiple Flaws in Huawei D100


Multiple Flaws in Huawei D100

by Filip Palian http://192.168.1.1/en/lan_status_adv.asp 
http://192.168.1.1/en/wlan_basic_cfg.asp 
http://192.168.1.1/en/lancfg.asp 

#9 Telnet service enabled by default
Anyone in LAN is able to log in using default admin:admin account with root privileges. There is no possibility to change this password (sic!). This account has nothing in common with the administrator account in web based managment console.

Status:
At the moment no fixes were provided by the vendor. As a workaround administrator should:
#1 change the default administrator password (still can be sniffed in LAN)
#2 enable Wi-Fi encryption
#3 turn on clients MAC addresses filtering
#4 turn off SSID broadcasting
#5 restrict access to telnet service using build-in firewall

Disclousure timeline:
23 VI 2009: Detailed information with examples, PoCs, terms of cooperation and the planned disclosure date sent to the vendor (ok@pomocplay.pl). 
	: No response from the vendor.
29 VI 2009: Resend notification with an indication this will be the last attempt to responsibly disclose.
	: No response from the vendor.
30 VI 2009: Security bulletin released.
	Response: ?

Rationale:
The vendor hasn't responded at all. The bulletin was released in hope that users will be able to protect themselves against threats described above before vendor will realese fixes and before the bad guys will reach them first.

Links:
* http://playmobile.pl/ 
* http://www.huawei.com/ 


Best regards,
Filip Palian

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH