VULHUB ™

It has been reported that Conexant AccessRunner DSL Console software has built-in administrative access that cannot be disabled. This vulnerability reportedly allows remote attackers to reset the router to default settings, denying legitimate users network access. Other attacks are also likely possible. It is unknown at this time if remote attackers can access the administrative interface via the WAN interface of affected devices. Mentor MR4C/UK devices are reported susceptible to this vulnerability. Due to code reuse across products, it is likely that other devices are also affected.

It has been reported that Conexant AccessRunner DSL Console software has built-in administrative access that cannot be disabled. This vulnerability reportedly allows remote attackers to reset the router to default settings, denying legitimate users network access. Other attacks are also likely possible. It is unknown at this time if remote attackers can access the administrative interface via the WAN interface of affected devices. Mentor MR4C/UK devices are reported susceptible to this vulnerability. Due to code reuse across products, it is likely that other devices are also affected.