# Exploit Title: Eir D1000 Wireless Router - WAN Side Remote Command Injection
# Date: 7th November 2016
# Exploit Author: Kenzo
# Website: https://devicereversing.wordpress.com
# Tested on Firmware version: 2.00(AADU.5)_20150909
Related Articles
# Type: Webapps
# Platform: Hardware
Description
===========
By sending certain
TR
-
064
commands, we can instruct the modem to open port
80
on the firewall. This allows access the the web administration interface from the Internet facing side of the modem. The default login password
for
the
D1000
is the default Wi-Fi password. This is easily obtained with another
TR
-
064
command.
Available code here:
This post first appeared on Computer Security.org - CyberSecurity News, Inform, please read the originial post: here