Home / exploitsPDF  

NuCom 11N Wireless Router 5.07.90 Remote Privilege Escalation

Posted on 11 March 2021

NuCom 11N Wireless Router version 5.07.90 suffers from a remote privilege escalation vulnerability. The non-privileged default user (user:user) can elevate his/her privileges by sending a HTTP GET request to the configuration backup endpoint and disclose the http super password (admin credentials) in Base64 encoded value. Once authenticated as admin, an attacker will be granted access to the additional and privileged pages.

 

TOP