![]() The web console tool (CTRL + SHIFT + K), in which you can interpret javascript expressions in real time using the command line provided by the Web Console. and enter javascript:mimic_button('goto: 9096.') in the address field. FIRMWARE SAGEM FAST 3304 V2 MENARA Manuel d’utilisation, Notice d’ utilisation, Mode d’emploi, Manuel Port Forwarding on Sagem-FST-3304 v2 (Maroc Notice d’utilisation no-998308-1809-télécommande universelle 8 en 1 Ce mode d’emploi vous permet de vous familiariser avec SAGEM. ![]() You have to bookmark the javascript: link before it can be executed. Then execute the following javascript in the URL bar : javascript:mimic_button('goto: 9096.')īecause running javascript in the url bar has been disabled in Mozilla Firefox, we will try another way : You first need to access the router login page (without loging in) ![]() ![]() Using Chrome, Internet Explorer browser : The vulnerability can be exploited by running javascript code in the web browser bar which allows to access password change page without having permession to do so. The default URL to access to the web management interface is but this attack can also be performed by an axternal attacker who connects to the router's public IP address. The router is vulnerable to an authentification bypass bug which allows unprivileged users to modify the preconfigured root password then log in with administrator permissions. # Vulnerability description: : Sagem Fast is an ADSL Router using a web management interface in order to change configuration settings. # Tested on : Firefox, Google Chrome, Internet Explorer Change Mirror Download # Title : Sagem 3304-V2 Authentification Bypass
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |