Daniel Schwendner

**Name of the Vulnerable Software and Affected Versions** Macally WIFISD2-2A82 Media and Travel Router version 2.000.010 **Description** The Guest user in the Macally WIFISD2-2A82 Media and Travel Router can reset its own password, which has a vulnerability that can be exploited to take over the administrator account, resulting in shell access. The admin user can read the /etc/shadow file, allowing the password hashes of each user, including root, to be dumped. The root hash can be cracked easily, leading to a complete system compromise. **Recommendations** For Macally WIFISD2-2A82 Media and Travel Router version 2.000.010, consider restricting the Guest user's ability to reset its own password as a temporary workaround until a patch is available. Additionally, limit access to the /etc/shadow file to prevent the dumping of password hashes. At the moment, there is no information about a newer version that contains a fix for this vulnerability.