Tags archives: bypass

 

 

 

 

 

 

0

Dasan Networks GPON ONT WiFi Router H64X Series Authentication Bypass

Dasan Networks GPON ONT WiFi Router H64X Series does not properly perform authentication and authorization, allowing it to be bypassed through cookie manipulation. Setting the Cookie ‘Grant’ with value 1 (user) or 2 (admin) will bypass security controls in place enabling the attacker to take full control of the device management interface. Source: Dasan Networks […]

The post Dasan Networks GPON ONT WiFi Router H64X Series Authentication Bypass appeared first on MondoUnix.

 

 

0

GoAutoDial 3.3 Authentication Bypass / Command Injection

This Metasploit module exploits a SQL injection flaw in the login functionality for GoAutoDial version 3.3-1406088000 and below, and attempts to perform command injection. This also attempts to retrieve the admin user details, including the cleartext password stored in the underlying database. Command injection will be performed with root privileges. The default pre-packaged ISO builds […]

The post GoAutoDial 3.3 Authentication Bypass / Command Injection appeared first on MondoUnix.