# Exploit Title: Huawei EchoLife HG520 Remote Information Disclosure# Date: 2010-04-19# Author: hkm# Product Link: http://www.huawei.com/mobileweb/en/products/view.do?id=660# Firmware Versions: 3.10.18.7-1.0.7.0#3.10.18.5-1.0.7.0#3.10.18.4# Software Versions: V100R001B120Telmex#V100R001B121Telmex# Exploit Download Link:# http://www.hakim.ws/huawei/HG520_udpinfo.tar.gz# https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/33869.tar.gz (HG520_udpinfo.tar.gz)
By sending a specially crafted UDP packet you can remotely obtain the
following information: software and firmware versions, MAC, local and
remote IP, model and PPPoE credentials in clear text.
The files required to reproduce this vulnerability can be downloaded
from:
http://www.hakim.ws/huawei/HG520_udpinfo.tar.gz
Requires Python, Scapy and Tcpdump. The way you run this program to test
a local modem is:~# python udp520.py
For a remote modem:~# python udp520.py <remoteIP>* If you can't see the response packet,try using Wireshark.* If "No module named all" error shows up, install scapy from source.
hkm
hkm@hakim.ws
[ Comunidad Underground de Mexico - http://www.underground.org.mx ]