QwikSec

Security Database

CVE

CWE

Training

CVE-2006-3561

Published: Jul 13, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

BT Voyager 2091 Wireless firmware 2.21.05.08m_A2pB018c1.d16d and earlier, and 3.01m and earlier, allow remote attackers to bypass the authentication process and gain sensitive information, such as configuration information via (1) /btvoyager_getconfig.sh, PPP credentials via (2) btvoyager_getpppcreds.sh, and decode configuration credentials via (3) btvoyager_decoder.c.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20080301 The Router Hacking Challenge is Over!

mailing-list

x_refsource_BUGTRAQ

http://www.gnucitizen.org/projects/router-hacking-challenge/

x_refsource_MISC

http://www.gnucitizen.org/blog/holes-in-embedded-devices-authentication-bypass-pt-3/

x_refsource_MISC

vdb-entry

x_refsource_BID

20060716 Unauthenticated access to BT Voyager config file and PPP credentials embedded in HTML form

mailing-list

x_refsource_BUGTRAQ

20060708 Unauthenticated access to BT Voyager config file

mailing-list

x_refsource_FULLDISC

vdb-entry

x_refsource_VUPEN

btvoyager-config-information-disclosure(27652)

vdb-entry

x_refsource_XF

third-party-advisory

x_refsource_SECUNIA

http://ikwt.dyndns.org/projects/btvoyager-getconfig.txt

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.