Vulnerabilities > CVE-2004-1685 - Authentication Bypass vulnerability in SMC Networks Smc7004Vwbr and Smc7008Abr

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

smc-networks

NVD

Published: 2004-09-15

Updated: 2017-07-11

Summary

SMC routers SMC7004VWBR running firmware 1.00.014 and SMC7008ABR EU running firmware 1.42.003 allow remote attackers to bypass authentication by connecting to it from the same IP address as the administrator who is logged in, then accessing the setup_status.htm or status.HTM pages.

Vulnerable Configurations

Part	Description	Count
Hardware	Smc_Networks SMC Networks Smc7004Vwbr 1.21A SMC Networks Smc7004Vwbr 1.22 SMC Networks Smc7004Vwbr 1.23 SMC Networks Smc7008Abr 1.32	4

References

http://marc.info/?l=bugtraq&m=109526094614160&w=2
http://secunia.com/advisories/12601
http://www.osvdb.org/10088
http://www.securityfocus.com/bid/11197
https://exchange.xforce.ibmcloud.com/vulnerabilities/17443