Comtrend HG536+ backdoor
I found a failsafe mode in router Comtrend HG536+ it permits to upload new firmware without checking user and password credentials
Normal Comtrend web access:
Press reset button with a paperclip and don't pull up
Wait until Power and ALARM lights turn off (don't pull up yet!)
The power light turns on and after some senconds it turns off again
(WLAN And your ethernet plug light is on during all the process)
Access to router IP, It shows upload new firmware web page without asking username or password
Upload new firmware with known password, and wait until the router ups the network again
Access another time to the router IP, and use your username and password :)
Posted at BinaryCell
Normal Comtrend web access:
Press reset button with a paperclip and don't pull up
Wait until Power and ALARM lights turn off (don't pull up yet!)
The power light turns on and after some senconds it turns off again
(WLAN And your ethernet plug light is on during all the process)
Access to router IP, It shows upload new firmware web page without asking username or password
Upload new firmware with known password, and wait until the router ups the network again
Access another time to the router IP, and use your username and password :)
Posted at BinaryCell
Comments
Post a Comment