Details of VAR-190001-0871

ID

VAR-190001-0871

TITLE

Sagem F@st Router Verification Bypass Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2011-3217

DESCRIPTION

Sagem F@st Routers is a router product. The Sagem Fast router (3304-V1 / 3304-V2 / 3464 / 3504) has a pre-configured root password that has not changed by default ISP and creates another administrative account. Due to a problem with the algorithm, an attacker can exploit the vulnerability to obtain a user password and access the device. Multiple Sagem F@st Routers are prone to a remote authentication-bypass vulnerability. This will completely compromise an affected device. The following routers are affected: Sagem F@st 3304 Sagem F@st 3464 Sagem F@st 3504

Trust: 0.81

sources: CNVD: CNVD-2011-3217 // BID: 49167

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2011-3217

AFFECTED PRODUCTS

vendor:	sagem	model:	f@st	scope:	eq	version:	3304	Trust: 0.6
vendor:	sagem	model:	f@st	scope:	eq	version:	3464	Trust: 0.6
vendor:	sagem	model:	f@st	scope:	eq	version:	3504	Trust: 0.6
vendor:	sagem	model:	f@st	scope:	eq	version:	35040	Trust: 0.3
vendor:	sagem	model:	f@st	scope:	eq	version:	34640	Trust: 0.3
vendor:	sagem	model:	f@st	scope:	eq	version:	33040	Trust: 0.3

sources: CNVD: CNVD-2011-3217 // BID: 49167

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201108-303

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201108-303

EXTERNAL IDS

db:	BID	id:	49167	Trust: 1.5
db:	CNVD	id:	CNVD-2011-3217	Trust: 0.6
db:	CNNVD	id:	CNNVD-201108-303	Trust: 0.6

sources: CNVD: CNVD-2011-3217 // BID: 49167 // CNNVD: CNNVD-201108-303

REFERENCES

url:	http://www.securityfocus.com/bid/49167	Trust: 1.2
url:	http://www.sagem.com/	Trust: 0.3

sources: CNVD: CNVD-2011-3217 // BID: 49167 // CNNVD: CNNVD-201108-303

CREDITS

Elouafiq Ali

Trust: 0.9

sources: BID: 49167 // CNNVD: CNNVD-201108-303

SOURCES

db:	CNVD	id:	CNVD-2011-3217
db:	BID	id:	49167
db:	CNNVD	id:	CNNVD-201108-303

LAST UPDATE DATE

2022-05-17T02:02:15.401000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2011-3217	date:	2011-08-17T00:00:00
db:	BID	id:	49167	date:	2011-08-16T00:00:00
db:	CNNVD	id:	CNNVD-201108-303	date:	2011-08-22T00:00:00

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2011-3217	date:	2011-08-17T00:00:00
db:	BID	id:	49167	date:	2011-08-16T00:00:00
db:	CNNVD	id:	CNNVD-201108-303	date:	1900-01-01T00:00:00