The weekly “this is why you should run open-source software on your networking gear” article:
▻http://shadow-file.blogspot.fr/2013/10/complete-persistent-compromise-of.html #security
Infovore, father, photography, roller-skating, cycling, Africa, Free software, open networks, adventure, wargaming, cooking and more geekery
The weekly “this is why you should run open-source software on your networking gear” article:
▻http://shadow-file.blogspot.fr/2013/10/complete-persistent-compromise-of.html #security
TL;DR
You skipped straight to the good stuff didn’t you? That’s cool. Here’s the deal. If you browse to ▻http:// address>/BRS_02_genieHelp.html, you are allowed to bypass authentication for all pages in the entire administrative interface. But not only that, authentication remains disabled across reboots. And, of course if remote administration is turned on, this works from the frickin’ Internet.
Don’t believe me? Give it at try. Surf to your WNDR3700v4’s web interface and request BRS_02_genieHelp.html.