Unauthenticated Remote Reboot Vulnerability in Hughes High-Performance Broadband Satellite Modems

Unauthenticated Remote Reboot Vulnerability in Hughes High-Performance Broadband Satellite Modems

CVE-2016-9496 · MEDIUM Severity

AV:A/AC:L/AU:N/C:N/I:N/A:C

Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, lacks authentication. An unauthenticated user may send an HTTP GET request to http://[ip]/com/gatewayreset or http://[ip]/cgi/reboot.bin to cause the modem to reboot.

Learn more about our User Device Pen Test.