Vulnerabilities > CVE-2004-1550 - Remote Authentication Bypass vulnerability in Motorola Wr850G 4.0.3Firmware

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

motorola

metasploit

NVD

Published: 2004-12-31

Updated: 2017-07-11

Summary

Motorola Wireless Router WR850G running firmware 4.03 allows remote attackers to bypass authentication, log on as an administrator, and obtain sensitive information by repeatedly making an HTTP request for ver.asp until an administrator logs on.

Vulnerable Configurations

Part	Description	Count
Hardware	Motorola Motorola Wr850G 4.0.3_Firmware	1

Metasploit

description	Login credentials to the Motorola WR850G router with firmware v4.03 can be obtained via a simple GET request if issued while the administrator is logged in. A lot more information is available through this request, but you can get it all and more after logging in.
id	MSF:AUXILIARY/ADMIN/MOTOROLA/WR850G_CRED
last seen	2020-06-01
modified	2018-09-15
published	2008-10-06
references	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1550 https://seclists.org/bugtraq/2004/Sep/0339.html
reporter	Rapid7
source	https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/admin/motorola/wr850g_cred.rb
title	Motorola WR850G v4.03 Credentials

Summary

Vulnerable Configurations

Metasploit

References