Amp'ed RF BT-AP 111 Bluetooth Access Point Authentication Bypass Vulnerability
Vulnerability
The HTTP admin interface of the Amp'ed RF BT-AP 111 Bluetooth access point does not require authentication. Any unauthorized user with network access to the device can open the admin interface and potentially modify settings or configurations.
Impact
Exploitation of this vulnerability could lead to unauthorized access and changes to the device's configuration via the web-based admin interface.
Reproduction
The vulnerability can be reproduced by accessing the BT-AP 111's HTTP admin interface over the network. Since the interface does not require authentication, anyone with network access can reach it. The device can be discovered through UPnP, which will reveal its IP address. Once the IP address is known, the admin interface can be accessed using a web browser.
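The two observations above (a UPnP reply that gives the address, and an admin page that answers without credentials) can be checked on devices you administer. This Python is an added example, not part of the original advisory or any vendor code. The function names, sample responses, the description.xml path and the 192.0.2.10 address are constructed, and it classifies responses you have already captured rather than sending traffic.

```python
from urllib.parse import urlsplit


def parse_head(raw: bytes):
    """Split an SSDP or HTTP response head into (status_code, lower-cased headers)."""
    lines = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1").split("\r\n")
    parts = lines[0].split()
    if len(parts) < 2 or not parts[0].startswith("HTTP/") or not parts[1].isdigit():
        raise ValueError(f"not an HTTP-style response: {lines[0]!r}")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return int(parts[1]), headers


def ssdp_admin_host(raw: bytes):
    """Return host[:port] from the LOCATION header of a UPnP (SSDP) reply, or None."""
    _, headers = parse_head(raw)
    location = headers.get("location")
    return urlsplit(location).netloc if location else None


def auth_verdict(raw: bytes) -> str:
    """Classify how an admin page answered a request that carried no credentials."""
    status, headers = parse_head(raw)
    if status == 401 and "www-authenticate" in headers:
        return "auth-required"
    if status in (301, 302, 303, 307, 308):
        return "redirect:" + headers.get("location", "")  # may lead to a login page
    if status == 403:
        return "forbidden"
    if 200 <= status < 300:
        # Page served with no challenge. A form-based login also returns 200,
        # so confirm by checking whether the body shows settings.
        return "no-challenge"
    return f"inconclusive:{status}"


# Constructed sample responses (not captured from a real device).
SSDP_REPLY = (b"HTTP/1.1 200 OK\r\nCACHE-CONTROL: max-age=1800\r\n"
              b"LOCATION: http://192.0.2.10:80/description.xml\r\nST: upnp:rootdevice\r\n\r\n")
ADMIN_OPEN = b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<html>settings</html>"
ADMIN_GATED = b'HTTP/1.1 401 Unauthorized\r\nWWW-Authenticate: Basic realm="admin"\r\n\r\n'

if __name__ == "__main__":
    host = ssdp_admin_host(SSDP_REPLY)
    for label, resp in (("sample A", ADMIN_OPEN), ("sample B", ADMIN_GATED)):
        print(host, label, auth_verdict(resp))
```

A "no-challenge" verdict for an admin page is the condition this advisory describes; "auth-required" is what a device that enforces HTTP authentication returns.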
