HTTP: FiberHome ADSL AN1020-25 Improper Access Restrictions
This signature detects attempts to exploit a known vulnerability against FiberHome ADSL AN1020-25. A successful attack can lead to attacker restoring a router to its factory settings.
Extended Description
An issue was discovered on FiberHome User End Routers Bearing Model Number AN1020-25 which could allow an attacker to easily restore a router to its factory settings by simply browsing to the link http://[Default-Router-IP]/restoreinfo.cgi & execute it. Due to improper authentication on this page, the software accepts the request hence allowing attacker to reset the router to its default configurations which later could allow attacker to login to router by using default username/password.
References
CVE: CVE-2017-14147
Short Name
HTTP:FIBERHOME-ADSL-AN-IAR
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
ADSL AN1020-25 Access CVE-2017-14147 FiberHome Improper Restrictions
Release Date
03/28/2019
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3415
False Positive
Unknown
CVSS Score
7.5