HTTP: Motorola WR850G Wireless Router Remote Authentication Bypass
This signature detects attempts to access a debug mode Web shell supplied with the Motorola WR850 Wireless Router. Attackers can use this access exploit in conjunction with an authentication bypass exploit to gain full control over the router.
Extended Description
Motorola WR850G wireless router is reported prone to a remote authentication bypass vulnerability. This issue is caused by a design error and may allow an attacker to ultimately take complete control over the device. A remote attacker can gain access to the Web interface of the affected device by periodically attempting to access restricted pages such as the 'ver.asp' script. Motorola wireless router WR850G running firmware version 4.03 is reportedly affected by this issue. It is possible that other models and firmware versions are affected as well.
Affected Products
Motorola wr850g
References
BugTraq: 11241
CVE: CVE-2004-1550
URL: http://broadband.motorola.com/consumers/products/wr850g/ http://www.securityfocus.com/archive/1/376384
Short Name
HTTP:MISC:MOTOROLA-WR850
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Authentication Bypass CVE-2004-1550 Motorola Remote Router WR850G Wireless bid:11241
Release Date
10/06/2004
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Motorola
CVSS Score
7.5