Edit: This vulnerability was registered with the CVE-2021–43483

The router model KAON CG3000, running the software version 1.00.67, customized and widely distributed by the CLARO company in Brazil, has no access control in reading or updating the device configuration.

Being connected to the same network, is possible to access, without any kind of authentication, the wifi configuration through the following endpoints:

  • http://<router-ip>/section/wlswitchint1wi-fi-rede-principal.wl
  • http://<router-ip>/section/wlswitchint0wi-fi-rede-principal.wl

--

--