At 05:48 PM 3/20/2007, you wrote:
I wonder what their security process is for other types of routers?
Try psirt@cisco.com http://www.cisco.com/en/US/products/products_security_vulnerability_policy.h... -Robert
---------- Forwarded message ---------- Date: 20 Mar 2007 20:31:01 -0000 From: dniggebrugge@hotmail.com To: bugtraq@securityfocus.com Subject: Linksys WAG200G - Information disclosure
Hi there,
About 2 months ago I bought a wireless ADSL modem/router, the Linksys WAG200G. Just did some basic security checks and to my utter surprise the device responded with about all sensitive information it knows:
* Product model * Password webinterface * Username PPPoA * Password PPPoA * SSID * WPA Passphrase
I notified Linksys, got some regular support questions and was then assured my concerns would be forwarded to the product engineers. Some weeks later I tried again, same message, silence since then.
My firmware version is 1.01.01, latest available for this type.
'Technical' info: Sent a packet to UDP port 916. Answer contains mentioned information. (LAN interface and Wireless interface)
Greetings, Dani�l Niggebrugge
Tellurian Networks - Global Hosting Solutions Since 1995 http://www.tellurian.com | 888-TELLURIAN | 973-300-9211 "Well done is better than well said." - Benjamin Franklin