发布时间 :2004-10-26 00:00:00
修订时间 :2016-10-17 22:58:09

[原文]The Hawking Technologies HAR11A modem/router allows remote attackers to obtain sensitive information by connecting to port 254, which displays a management interface and information on established connections.

[CNNVD]Hawking Technologies HAR11A路由器敏感信息泄露漏洞(CNNVD-200410-099)

        Hawking Technologies HAR11A是一款小型路由器。
        Hawking Technologies HAR11A存在未公开接口,远程攻击者可以利用这个接口控制路由器。

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)


- OVAL (用于检测的技术细节)


- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
(官方数据源) CNNVD

- 其它链接及资源
(UNKNOWN)  BUGTRAQ  20041026 Hawking Technologies HAR11A router considered insecure
(VENDOR_ADVISORY)  XF  har11a-gain-unauth-access(17877)

- 漏洞信息

Hawking Technologies HAR11A路由器敏感信息泄露漏洞
高危 访问验证错误
2004-10-26 00:00:00 2006-11-15 00:00:00
        Hawking Technologies HAR11A是一款小型路由器。
        Hawking Technologies HAR11A存在未公开接口,远程攻击者可以利用这个接口控制路由器。

- 公告与补丁

        Hawking Technology

- 漏洞信息

Hawking HAR11A and HAR14A Router Unauthenticated Administrative Access
Remote / Network Access Authentication Management
Loss of Confidentiality
Exploit Public

- 漏洞描述

ADSL Modem Router HAR11A and 4-port ADSL Modem Router HAR14A contain a flaw that may allow an attacker to obtain access to the router's administrative interface. The issue is triggered when the attacker uses telnet to connect to port 23, 254, or 255. The flaw allows unauthorized access to the router's management interface resulting in a loss of confidentiality.

- 时间线

2004-10-26 Unknow
2004-10-26 Unknow

- 解决方案

Upgrade to firmware version CX82xxx_4.1.0.21 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround(s): 1) Use the "Virtual Host" feature in the modem's browser interface to forward ports 23, 254, and 255 to a nonexistent host (such as ""). This still allows access from the firewall side of the modem, however. 2) Put the modem into "bridge mode" and do all your NAT, PPPoE, and security from your linux firewall.

- 相关参考

- 漏洞作者