Buffalo LinkStation LS-WTGL Default Admin Account & Guest Access Information

From: Darius Freamon <darius.freamon@gmail.com>
To: submit@offsec.com,vuln@secunia.com,moderators@osvdb.org,vuln@securityfocus.com,bugtraq@securityfocus.com,full-disclosure@lists.grok.org.uk
Cc:
Subject: Buffalo LinkStation LS-WTGL Default Admin Account & Guest Access Information
Date:


After reading l0rd lunatic's post about the Buffalo router
(http://seclists.org/fulldisclosure/2012/Nov/234), noticed that going
to login page and clicking 'help' will show you the default admin
account. I think that is what he meant about information disclosure!
It also lets you login as guest and provides more information.

Clicking help:

http://ROUTER/help/en/auth.html?gDummy=1354674691647&_=

HTTP/1.1 200 OK
Date: Wed, 05 Dec 2012 02:45:08 GMT
Server: Apache/1.3.34 (Unix)
Last-Modified: Fri, 11 Jul 2008 12:13:45 GMT
ETag: "140d1e9-14b-48774e79"
Accept-Ranges: bytes
Content-Length: 331
Content-Type: text/html; charset=UTF-8

<div id="divHelpItem" class="doc" >
<div id="divDocumentTitle">Login</div>
<div id="divDocumentText" class="doc_text">
Until you change it, the default username is "admin" and the default
password is "password".<br />
To login as Guest, please enter "guest" as user name and no password
and then press enter.
</div>
</div>

When you login as guest, it gives up this information:

http://ROUTER/cgi-bin/top.cgi

LinkStation Name         CB-NAS-001
Model Name                 LS-WTGL/R1-V3 F/W 3.09
IP Address                    127.0.0.1
Current Date and Time 2012/12/4 19:38:38
HDD Space Used         RAID Array 1 322.32 GB / 500.76 GB (64.36 %)





Copyright © 1995-2020 LinuxRocket.net. All rights reserved.