From Rexploit
Wireless default settings and related vulnerability list
Here you can find a list of default settings and reported vulnerabilities of wireless related soft and hardware. The list is sorted by vendor. The information has been collected from different sources. Securityfocus, Butraq, Manuals etc. Feel free to submit further details.
1st Wave:
Model | SSID | Settings | Comments |
Misc | 1stWave |
3Com:
Default settings:
Model | SSID | Credentials | Settings | Comments |
AirConnect 2.4 GHz DS | comcomcom | |||
Misc | 3com |
Vulnerabilities:
Date | Link |
16-11-2004: | 3Com OfficeConnect ADSL Wireless 11g Firewall Router Remote Denial Of Service Vulnerability (http://www.securityfocus.com/bid/11685)
|
18-10-2004: | 3Com OfficeConnect ADSL Wireless 11g Firewall Router Authentication Bypass Vulnerability (http://www.securityfocus.com/bid/11438) |
15-10-2004: | 3Com OfficeConnect ADSL Wireless 11g Firewall Router Multiple Unspecified Vulnerabilities (http://www.securityfocus.com/bid/11422) |
13-10-2004: | 3Com 3CRADSL72 ADSL Wireless Router Information Disclosure and Authentication Bypass Vulnerabilities (http://www.securityfocus.com/bid/11408)
|
Accton:
Default settings:
Model | SSID | Credentials | Settings | Comments |
Misc | WLAN | Default Channel: 11 MAC addr: 00:30:F1:XX:XX:XX |
Acrowave:
Default settings: Unknown
Vulnerabilities:
Date | Link |
12-05-2005: | Acrowave AAP-3100AR Wireless Router Authentication Bypass Vulnerability (http://www.securityfocus.com/bid/13613)
|
Addtron:
Default settings:
Model | SSID | Credentials | Settings | Comments |
Misc | WLAN |
Apple:
Default settings:
Model | SSID | Credentials | Settings | Comments |
Misc english | AirPort Network | |||
Misc german | AirPort Netzwerk |
Belkin:
Date | Link |
26-08-2002: | Belkin F5D6130 Wireless Network Access Point SNMP Request Denial Of Service Vulnerability (http://www.securityfocus.com/bid/5571)
|
Baystack:
Default settings:
Model | SSID | Credentials | Settings | Comments |
650/660 802.11 DS AP | Default SSID | admin / <none> | Default Channel: 1 MAC addr: 00:20:d8:XX:XX:XX |
BT:
Date | Link |
22-06-2004: | BT Voyager 2000 Wireless ADSL Router SNMP Community String Information Disclosure Vulnerability (http://www.securityfocus.com/bid/10589)
SNMPv2-MIB::sysDescr.0 = STRING: BT Voyager 2000 Wireless ADSL Router -snip- SNMPv2-SMI::transmission.23.2.3.1.5.5.1 = STRING: "name.surname@btbroadband.com" SNMPv2-SMI::transmission.23.2.3.1.6.0.8 = "" SNMPv2-SMI::transmission.23.2.3.1.6.5.1 = STRING: "password" -snip- |
Buffalo:
Date | Link |
04-04-2003: | Buffalo WBRG54 Wireless Broadband Router Denial Of Service Vulnerability (http://www.securityfocus.com/bid/7282)
|
Cabletron:
Default settings:
Model | SSID | Credentials | Settings | Comments |
Misc | RoamAbout |
Cisco:
Default settings:
Model | SSID | Credentials | Settings | Comments |
Aironet access-points | tsunami | |||
Some older ones | 2 |
Compaq:
Default settings:
Model | SSID | Credentials | Settings | Comments |
Misc | Compaq |
Vulnerabilities:
Date | Link |
28-01-2002: | Compaq Intel PRO/Wireless 2011B LAN USB Device Driver Information Disclosure Vulnerability (http://www.securityfocus.com/bid/3968)
|
D-Link:
Default settings:
Model | SSID | Settings | Comments |
DL-713 802.11 DS | WLAN | Default Channel: 11 Default IP: DHCP |
|
DI-624 AirPlus XtremeG | default | Default user: admin Default pass: admin |
|
DWL-G730AP | default | Default IP: 192.168.0.30 Default user: admin Default pass: no default password |
Vulnerabilities:
Date | Link |
21-12-2001: | D-Link DWL-1000AP Wireless LAN Access Point Plaintext Password Vulnerability (http://www.securityfocus.com/bid/3735)
|
21-12-2001: | D-Link WL-1000AP Wireless LAN Access Point Public Community String Vulnerability (http://www.securityfocus.com/bid/3736)
|
Edimax:
Default settings:
Model | SSID | Settings | Comments |
7205APL | Default user: guest Default pass: 1234 |
||
AR-6004 | Default user: admin Default pass: 1234 |
Vulnerabilities:
Date | Link |
10-06-2004: | Edimax 7205APL 802.11b Wireless Access Point default Backdoor Account Vulnerability (http://www.securityfocus.com/bid/10512)
|
ELSA:
Default settings:
Model | SSID | Settings | Comments |
Lancom Wireless L-11 / Airlancer | ELSA |
Gigabyte:
Date | Link |
24-02-2004: | Gigabyte Gn-B46B Wireless Router Authentication Bypass Vulnerability (http://www.securityfocus.com/bid/9740)
|
Intel:
Default settings:
Model | SSID | Credentials | Settings | Comments |
Pro/Wireless | 101 | Default Channel: 3 | ||
Pro/Wireless | xlan | |||
Pro/Wireless | intel | |||
Pro/Wireless | 195 |
Vulnerabilities:
Date | Link |
28-01-2002: | Compaq Intel PRO/Wireless 2011B LAN USB Device Driver Information Disclosure Vulnerability (http://www.securityfocus.com/bid/3968)
|
Linksys:
Default settings:
Model | SSID | Credentials | Settings | Comments |
WAP-11 | linksys | Default Channel: 6 Default WEP key one: 10 11 12 13 14 15 Default WEP key two: 20 21 22 23 24 25 Default WEP key three: 30 31 32 33 34 35 Default WEP key four: 40 41 42 43 44 45 | WPC-11 | Wireless |
Wireless-G VPN Broadband Router | linksys-g | Default user: admin Default pass: admin |
Vulnerabilities:
Date | Link |
07-04-2005: | Linksys WET11 Password Update Remote Authentication Bypass Vulnerability (http://www.securityfocus.com/bid/13051)
|
Logitech:
Date | Link |
15-05-2001: | Logitech Wireless Peripheral Device Man in the Middle Vulnerability (http://www.securityfocus.com/bid/2738)
|
Longshine:
Date | Link |
06-01-2003: | Longshine Wireless Access Point Devices Information Disclosure Vulnerability (http://www.securityfocus.com/bid/6533)
|
Lucent:
Default settings:
Model | SSID | Credentials | Settings | Comments |
Misc | RoamAbout |
Microsoft:
Default settings:
Model | SSID | Settings | Comments |
MN-700 802.11g | MSNHOME | Default user: admin | |
MN-500 802.11b | MSNHOME | Default user: admin |
Vulnerabilities:
Date | Link |
04-12-2002: | Microsoft Windows XP Wireless LAN AP Information Disclosure Vulnerability (http://www.securityfocus.com/bid/6312)
|
Motorola:
Date | Link |
23-09-2004: | Motorola WR850G Wireless Router Remote Authentication Bypass Vulnerability (http://www.securityfocus.com/bid/11241)
|
Netgear:
Default settings:
Model | SSID | Settings | Comments |
Most old ones | Wireless | Default Channel: 6 Default IP address: 192.168.0.5 |
|
Newer accesspoints | NETGEAR | Default user: admin Default pass: password |
Vulnerabilities:
Date | Link |
02-11-2004: | NetGear ProSafe Dual Band Wireless VPN Firewall Default SNMP Community String Vulnerability (http://www.securityfocus.com/bid/11580)
|
03-06-2004: | Netgear WG602 Wireless Access Point Default Backdoor Account Vulnerability (http://www.securityfocus.com/bid/10459)
|
10-12-2003: | NetGear WAB102 Wireless Access Point Password Management Vulnerabilities (http://www.securityfocus.com/bid/9194)
|
03-04-2003: | Netgear FM114P ProSafe Wireless Router UPnP Information Disclosure Vulnerability (http://www.securityfocus.com/bid/7267)
POST /upnp/service/WANPPPConnection HTTP/1.1 HOST: 192.168.0.1:80 SOAPACTION: "urn:schemas-upnp-org:service:WANPPPConnection:1#GetUserName" CONTENT-TYPE: text/xml ; charset="utf-8" Content-Length: 289 |
03-04-2003: | Netgear FM114P ProSafe Wireless Router Rule Bypass Vulnerability (http://www.securityfocus.com/bid/7270)
|
10-02-2003: | Netgear FM114P Wireless Firewall File Disclosure Vulnerability (http://www.securityfocus.com/bid/6807)
|
10-10-2002: | Netgear FM114P Wireless Firewall TCP Connect Denial of Service Vulnerability (http://www.securityfocus.com/bid/5940)
|
10-10-2002: | Netgear FM114P Wireless Firewall Information Disclosure Vulnerability (http://www.securityfocus.com/bid/5943)
|
Nortel:
Date | Link |
02-03-2004: | Nortel Wireless LAN Access Point 2200 Series Denial Of Service Vulnerability (http://www.securityfocus.com/bid/9787)
|
Proxim:
Default settings:
Model | SSID | Settings | Comments |
Misc (example AP600) | Default user: <none> Default password: public SNMP password: public |
SMC:
Default settings:
Model | SSID | Settings | Comments |
SMC2652W | WLAN | Default Channel: 11 Default HTTP: user: default pass: WLAN_AP |
|
SMC 2526W | WLAN | Default IP: 192.168.0.254 Default MAC: 00:90:d1:00:11:11 (00:90:d1:xx:xx:xx) |
|
SMC 2682W | BRIDGE | Default Channel: 11 Default Admin pass: WLAN_BRIDGE |
|
Misc | SMC | Default Channel: 6 Default MAC: 00:4E:2B:A0:XX:XX |
Vulnerabilities:
Date | Link |
11-06-2003: | SMC Wireless Router Malformed PPTP Packet Denial of Service Vulnerability (http://www.securityfocus.com/bid/7876)
|
SOHOware:
Default settings:
Model | SSID | Settings | Comments |
NetBlaster II | Is the mac address of the device (See in ethereal BSSID) | Default MAC:00:80:c6:xx:xx:xx Default Channel:8 |
Symantec:
Date | Link |
09-06-2004: | Symantec Gateway Security 360R Wireless VPN Bypass Weakness (http://www.securityfocus.com/bid/10502)
|
Symbol:
Default settings:
Model | SSID | Settings | Comments |
AP41x1 and LA41x1 / LA41x3 | 101 | Default MAC: 00:a0:0f:xx:xx:xx Default WEP key one: 10 11 12 13 14 15 |
Sweex:
Date | Link |
13-05-2004: | Sweex Wireless Broadband Router/Access Point Unauthorized Access Vulnerability (http://www.securityfocus.com/bid/10339)
|
TELETRONICS:
Default settings:
Model | SSID | Settings | Comments |
Misc | any | Default Password: 1234 Console Port: No password, AT command set |
U.S. Robotics:
Default settings:
Model | SSID | Settings | Comments |
USR808054 | WLAN or USR808054 | Default Channel: 6 Default IP address: 192.168.123.254 |
|
USR8022 | WLAN or USR8022 | Default IP address: 192.168.123.254 | |
USR9106 | USR9106 | Default IP address: 192.168.1.1 Default username: admin |
Vulnerabilities:
Date | Link |
U.S. Robotics USR808054 Wireless Access Point Web Administration Denial Of Service Vulnerability (http://www.securityfocus.com/bid/10840)
|
WaveLan Family:
Default settings:
Model | SSID | Settings | Comments |
Misc | WaveLAN Network | Default channel: 3 |
ZCOMAX:
Default settings:
Model | SSID | Settings | Comments |
XWL450 | any | Default password:1 234 Console Port: No Password, AT command set |
|
XWL450 | melo | Default password:1 234 Console Port: No Password, AT command set |
|
XWL450 | test | Default password:1 234 Console Port: No Password, AT command set |
Zonet:
Date | Link |
23-04-2004: | Zonet Wireless Router NAT Implementation Design Flaw Vulnerability (http://www.securityfocus.com/bid/10225)
|
Zyxel:
Default settings:
Model | SSID | Settings | Comments |
Prestige 316 Gateway/Natbox/WirelessBridge | Wireless | Default Channel: 1 Default console pass: 1234 |
|
Zyxel "General AP" | ZyXEL | Default Channel: 1 Default IP address: 192.168.1.1 |