#1
SMC SMC7004VWBR is a wireless Cable/DSL broadband router with integrated wireless access point and SPI firewall.
It has been reported that the SMC router backup tool stores router administration credentials in plaintext format. The router administration password is stored in the file 'backup_config.exe'. Furthermore, the password is prefixed by the word 'root' making it easily identifiable by an attacker.
This weakness may result in unauthorised users disclosing sensitive router configuration information from the router backup file.
This vulnerability has been reported to affect SMC SMC7004VWBR devices, however other products may also be affected.
wireless access point and SPI firewall.
It has been reported that the SMC router backup tool stores router
administration credentials in plaintext format. The router administration
password is stored in the file 'backup_config.exe'. Furthermore, the
password is prefixed by the word 'root' making it easily identifiable by
an attacker.
This weakness may result in unauthorised users disclosing sensitive
router configuration information from the router backup file.
This vulnerability has been reported to affect SMC SMC7004VWBR devices,
however other products may also be affected.
http://www.securityfocus.com/bid/7059
__________
powered by http://different-thinking.de - Netze, Protokolle, Sicherheit, ...