Electro Industries GaugeTech Multiple Vulnerabilities

Vendor: Electro Industries GaugeTech (also marketed under ‘GE Power Leader Web Solutions’ it appears)
Products:
Nexus 1250
Nexus 1262
Nexus 1272
Nexus 1500
Product link: http://www.electroind.com/dl_page_nexus-meters.html
Shodan: EIG Embedded Web Server

By default, unauthenticated access, can get information on the power meter as well as:

http://host/meter_information.htm
Reveals internal IP and gateway
gaugtech-ip

According to the Nexus 1500 manual:

NOTE: If password protection is not enabled for the meter, the default username and password are both “anonymous”.

With that default, you can access http://host/update1.htm and upload custom/malicious firmware.

Discovered: 2013-04-10
ICS-CERT notified: 2013-04-11

Advertisements

Tags: , ,

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: