Condorlab

BT – BT Home Hub cgi/b authentication bypass


Advisory ID
RSN-NS-0007


Vulnerability Information

 

 

BT Home Hub router could allow a remote attacker to bypass authentication, caused by an error in cgi/b. By appending an encoded backslash, percent, or tilde character to PATH_INFO, an attacker could read or change arbitrary administrative settings and make unauthorized VoIP telephone calls.


Release Date

2008-03-13


Solutions

 

 

The UCTM solution from RedShift Networks provides the industry’s first complete security solution developed to secure VOIP networks, endpoints and applications. His research team Condor-Labs.com is constantly looking for new attack patterns, advanced penetration testing methods, vulnerability identification and deployment of new signatures for constantly subscribed clients. For more information visit www.redshiftnetworks.com


External Resources

 

 

Common Vulnerabilities and Exposures (CVE)

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1334