Nmap Development mailing list archives
ZTE ZXV10 W300 router contains hardcoded credentials
From: Cesar Neira <csar.1603 () gmail com>
Date: Mon, 10 Feb 2014 21:06:10 -0500
Hello everyone. I have written this script to exploit a backdoor in the routers ZTE ZXV10 W300 and Planet ADE 3400. Exploit (NSE script): https://github.com/alguien-gh/scripts/blob/master/exploits/nse/airocon.nse Description: ZTE ZXV10 W300 router contains hardcoded credentials that are useable for the telnet service on the device. The username is "admin" and the password is "XXXXairocon" where "XXXX" is the last four characters of the device's MAC address. The MAC address is obtainable over SNMP with community string public. CVE: CVE-2014-0329 Dork (Shodan): Basic realm="index.htm" References: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0329 - http://alguienenlafisi.blogspot.com/2014/02/hackeando-el-router-zte-zxv10-w300-v21.html - http://www.kb.cert.org/vuls/id/228886 -- Alguien http://alguienenlafisi.blogspot.com Root-Node _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- ZTE ZXV10 W300 router contains hardcoded credentials Cesar Neira (Feb 11)