Gigabyte Technology GN-B46B router allows authentication to be bypassed

gigabyte-gnb46b-bypass-authentication (15313) The risk level is classified as HighHigh Risk

Description:

GN-B46B could allow a local attacker to bypass security and gain unauthorized access to the router. Files stored on the server are protected with basic authorization, and are available from an HTML menu on the router itself. A local attacker can log into the local network and access the router's menu, allowing the attacker to bypass authentication and access files without having to authenticate.


Consequences:

Bypass Security

Remedy:

No remedy available as of September 1, 2014.

References:

  • BugTraq Mailing List, Tue Feb 24 2004 - 08:44:03 CST: Gigabyte Broadband Router - Multiple Vulnerabilities.
  • BID-9740: Gigabyte Gn-B46B Wireless Router Authentication Bypass Vulnerability
  • CVE-2004-0328: Gigabyte Gn-B46B 2.4Ghz wireless broadband router firmware 1.003.00 allows local users on the same local network as the router to bypass authentication by using a copy of the router's html menu on a separate system.
  • OSVDB ID: 6797: Gigabyte Gn-B46B Local Network Authentication Bypass

Platforms Affected:

  • Gigabyte Technology GN-B46B firmware 1.003.00

Reported:

Feb 24, 2004

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email ignore thisxforceignore this@ignore thisus.ignore thisibm.comignore this

Return to the main page