Telus Actiontec T2200H WiFi Credential Disclosure

Posted by deepcore on June 13, 2019 – 11:59 am

Telus Actiontec T2200H with firmware T2200H-31.128L.08 suffers from a credential disclosure vulnerability. An HTTP interface used by wireless extenders to pull the modem’s wifi settings uses DHCP client-provided option values to restrict access to this API. By forging DHCP packets, one can access this interface without any authentication and obtain details such as SSID name, encryption type, and WPA/WEP keys. This can be leveraged if an attacker is on the same Layer 2 network as the modem.

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« Telus Actiontec WEB6000Q Privilege Escalation FusionPBX 4.4.3 Remote Command Execution »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Telus Actiontec T2200H WiFi Credential Disclosure

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL