CVE-2017-14244

An authentication bypass vulnerability on iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2 devices potentially allows attackers to directly access administrative router settings by crafting URLs with a .cgi extension, as demonstrated by /info.cgi and /password.cgi.

An authentication bypass vulnerability on iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2 devices potentially allows attackers to directly access administrative router settings by crafting URLs with a .cgi extension, as demonstrated by /info.cgi and /password.cgi.

Existe una vulnerabilidad de omisión de autenticación en dispositivos iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2 que podría permitir a atacantes acceder directamente a la configuración de administración del router creando URL manipuladas con una extensión .cgi, tal y como se puede ver en /info.cgi y /password.cgi.