CVE-2003-1442

Ericsson Hm220dp Adsl Modem - Authentication Bypass

Title source: rule

Description

The web administration page for the Ericsson HM220dp ADSL modem does not require authentication, which could allow remote attackers to gain access from the LAN side.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Davide Del Vecchio · textremotehardware

https://www.exploit-db.com/exploits/22244

View Code ZIP pw:eip

References (4)

[Third Party Advisory] http://archives.neohapsis.com/archives/bugtraq/2003-02/0127.html

[Mailing List] http://marc.info/?l=bugtraq&m=104619331706574&w=2

[Exploit, Patch] http://www.securityfocus.com/bid/6824

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/11290

Scores

EPSS 0.0413

EPSS Percentile 88.5%

Classification

CWE

CWE-287

Status draft

Affected Products (1)

ericsson/hm220dp_adsl_modem

Timeline

Published Dec 31, 2003

Tracked Since Feb 18, 2026