Origo ASR-8100 ADSL Router 3.21 has an administration service running on port 254 that does not require a password, which allows remote attackers to cause a denial of service by restoring the factory defaults.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Asr-8100 | Origo | adsl_router_3.21 (including) | adsl_router_3.21 (including) |
| Asr-8400 | Origo | adsl_router (including) | adsl_router (including) |
References
- http://securityreason.com/securityalert/3300
- http://www.securityfocus.com/archive/1/341752
- http://www.securityfocus.com/bid/8855
- https://exchange.xforce.ibmcloud.com/vulnerabilities/13463
- http://securityreason.com/securityalert/3300
- http://www.securityfocus.com/archive/1/341752
- http://www.securityfocus.com/bid/8855
- https://exchange.xforce.ibmcloud.com/vulnerabilities/13463