CVE-2006-3561

Name of the Vulnerable Software and Affected Versions BT Voyager 2091 Wireless firmware versions 2.21.05.08m A2pB018c1.d16d and earlier BT Voyager 2091 Wireless firmware versions 3.01m and earlier

Description The issue allows remote attackers to bypass the authentication process and gain sensitive information. This can include configuration information via the "/btvoyager getconfig.sh" endpoint, PPP credentials via the "btvoyager getpppcreds.sh" endpoint, and decoding configuration credentials via the "btvoyager decoder.c" file.

Recommendations For BT Voyager 2091 Wireless firmware versions 2.21.05.08m A2pB018c1.d16d and earlier, consider updating to a version later than 2.21.05.08m A2pB018c1.d16d to resolve the issue. For BT Voyager 2091 Wireless firmware versions 3.01m and earlier, consider updating to a version later than 3.01m to resolve the issue. As a temporary workaround, consider restricting access to the "/btvoyager getconfig.sh", "btvoyager getpppcreds.sh", and "btvoyager decoder.c" to minimize the risk of exploitation.