Description
The web administration page for the Ericsson HM220dp ADSL modem does not require authentication, which could allow remote attackers to gain access from the LAN side.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Davide Del Vecchio · textremotehardware
https://www.exploit-db.com/exploits/22244
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/11290
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=104619331706574&w=2
Third Party Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2003-02/0127.html
Exploit, Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/6824
Scores
EPSS
0.0445
EPSS Percentile
89.1%
Details
CWE
CWE-287
Status
published
Products (1)
ericsson/hm220dp_adsl_modem
Published
Dec 31, 2003
Tracked Since
Feb 18, 2026