Limited Black Friday Offer:

ZTE Cable Modem Web Shell CVE-2014-2321 Scanner

There is a web shell vulnerability in ZTE Cable Modem.

Short Info

Level

Critical

Type

Single Scan

Can be used by

Asset Owner

Estimated Time

15 sec

Scan only one

Url

Parent Category

ZTE Cable Modem Web Shell CVE-2014-2321 Scanner Detail

web_shell_cmd.gch on ZTE F460 and F660 cable modems allows remote attackers to obtain administrative access via sendcmd requests, as demonstrated by using "set TelnetCfg" commands to enable a TELNET service with specified credentials.

http://www.kb.cert.org/vuls/id/600724
http://www.myxzy.com/post-411.html
https://community.rapid7.com/community/infosec/blog/2014/03/03/disclosure-r7-2013-18-zte-f460-and-zte-f660-webshellcmdgch-backdoor