Hi all, Ericsson is working on this issue now. A solution for this problem is on the way, we will come back with more information in next week on this. Best regards, Johan Kölhi Ericsson Broadband Access -----Original Message----- From: Fredrik Björk [mailto:Fredrik.Bjork.Listat_private] Sent: den 13 februari 2003 10:17 To: bugtraqat_private Subject: Re: Ericsson HM220dp ADSL modem Insecure Web Administration Vulnerability At 08:37 2003-02-11 +0100, you wrote: >Ericsson HM220dp ADSL modem Insecure Web Administration Vulnerability >Discussion: >Ericsson HM220dp is a small office enviroment ADSL modem, distributed >by many Carriers such as Telecom Italia to thousand users. >It may be administered remotely through a number of mechanisms, >including a web based interface. >Unfortunately, the web interface does not require authentication >and does not give the possibility to require it. >Unauthorized users accessing the web pages may perform a variety of >malicious actions. >By the way Ericsson forced the modem in "Bridged" mode with a modified >firmware, so the web administration page could not be accessed from >Internet but "just" from any user of the lan. >It is possible that other products of the same series share this >vulnerabilty. Not according to my contacts at Ericsson. The vulnerability is limited to one batch of 6000 modems delivered to the Italian market, which is bad enough! The entire 220 series was discontinued in 2001. >Solution: >Ericsson has been contacted months ago but it's not still providing an >updated firmware version that could prevent the problem ignoring it. If Ericsson is completely ignoring this issue, it is not good! However, it seems that they have provided an upgrade to limit unauthenticated access to the LAN side of the modem, which could be considered an acceptable solution. /Fredrik
This archive was generated by hypermail 2b30 : Wed Feb 19 2003 - 12:19:21 PST