3Com SuperStack II RAS 1500 - Unauthorized Access

Author: Piotr Chytla
type: remote
platform: hardware
port: 
date_added: 2003-03-24 
date_updated: 2012-11-02 
verified: 1 
codes: OSVDB-50430 
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/7176/info

A vulnerability has been reported in 3Com RAS 1500 router that may allow attackers to access sensitive data. Specifically, RAS 1500 devices fail to carry out authentication when requests are made for various files that may contain sensitive information.

GET /user_settings.cfg HTTP/1.0