Search the Community
Showing results for tags 'web6000q'.
-
Telus Actiontec WEB6000Q with firmware 1.1.02.22 suffers from a serial number information disclosure vulnerability. The wireless extenders use DHCP Option 125 to include device details such as model number, manufacturer, and serial number. The WCB6000Q DHCP DISCOVER and REQUEST broadcasts include the device serial number in the DHCP option 125 (subopt 2) field. An attacker on the same Layer 2 network segment as the device, can see all these DHCP requests with a packet capture. Once he or she has this, the device's admin web UI password can be reset using the web UI "forgot password" page to reset to a known value. View the full article
-
Exploits Telus Actiontec WEB6000Q Denial Of Service
1337day-Exploits posted a topic in Updated Exploits
Telus Actiontec WEB6000Q with firmware 1.1.02.22 suffers from a denial of service vulnerability. By querying CGI endpoints with empty (GET/POST/HEAD) requests causes a Segmentation Fault of the uhttpd webserver. Since there is no watchdog on this daemon, a device reboot is needed to restart the webserver to make any modification to the device. View the full article