J-Security Center


Title: ELSA Lancom 1100 Office Insecure Web Administration Vulnerability

Severity: CRITICAL

Description:

The ELSA Lancom 1100 Office router provides a wide variety of functionality for a small office environment, including DNS and DHCP service. It may be administered remotely through a number of mechanisms, including a web-based interface.

Unfortunately, the administrative web interface does not require authentication. A knowledgeable attacker may directly access web pages and perform a number of administrative actions. Immediate dangers include the ability to modify routing tables and to upload new firmware to the router. The ability to upload malicious firmware may have far-reaching consequences and should be considered a full compromise of the router.

Additionally, one of the administrative pages includes the RAS password in the HTML generated by the router. This password is used to control remote access to the local network. An attacker may be able to use this password to further compromise the network behind the router.

It is possible that other products in the Lancom line share this vulnerability.

Affected Products:

  • ELSA Lancom 1100 Office
