Unauthenticated DoS on PIX-LINK LV-WR21Q (“CVE requested”)

Vulnerability Information:

  • Product: PIX-LINK
  • Model: LV-WR21Q
  • Firmware Version: V109_109
  • Vulnerability: Unauthenticated DoS (Denial Of Services)
  • Impact: Service Disruption.
  • Author: Red Team - Miguel Alves (@0xmupa), Fabrício Oliveira (xf5), Sérgio Charruadas

Hello friend, today I’m presenting a DoS (Denial Of Services) found in the gateway of a Pix-Link router (LV-WR21Q).

What’s happening in the backend is that the router can’t understand which language code we’re trying to set and it causes a Service Disruption.

We don’t need to be authenticated at the gateway to execute this vulnerability. However it will affect the administrator, making it impossible to access the router’s settings.

PoC:

  1. Access the gateway login and intercept the request to change the interface language.
  2. In the “lang” parameter, change the parameter to a random string. e.g. exploit (as shown in the POC video)

  1. Attack executed. And now there’s no way to access the gateway via the GUI (Graphical User Interface).

Check the POC Video.

My primary goal of hacking was the intellectual curiosity, the seduction of adventure.

  • Kevin Mitnick

Tags:

Categories:

Updated: