3Com 3CRADSL72 ADSL Wireless Router - Information Disclosure / Authentication Bypass

Author: Karb0nOxyde
type: remote
platform: hardware
port: 
date_added: 2004-10-13  
date_updated: 2013-03-10  
verified: 1  
codes: CVE-2004-1596;OSVDB-10787  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 24681.txt  

source: https://www.securityfocus.com/bid/11408/info

3Com 3CRADSL72 is reported prone to an information disclosure, and an authentication bypass vulnerability. This issue can allow a remote attacker to disclose sensitive information such as the router name, primary and secondary DNS servers, default gateway. Attackers could also reportedly gain administrative access to the router.

If successful, these vulnerabilities can be used to the launch of other attacks against the device and other users on the vulnerable network.

http://www.example.com/app_sta.stm