CVE-2014-0329

Published: 04/02/2014 Updated: 29/08/2017
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 935
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

The TELNET service on the ZTE ZXV10 W300 router 2.1.0 has a hardcoded password ending with airocon for the admin account, which allows remote malicious users to obtain administrative access by leveraging knowledge of the MAC address characters present at the beginning of the password.

Vulnerable Product

zte zxv10 w300 2.1.0

Exploits

# Exploit Title: ZTE ZXV10 W300 router contains hardcoded credentials
# Date: 03 Feb 2014
# Exploit Author: Cesar Neira
# Vendor Homepage: wwwen.zte.com.cn/
# Version: ZTE ZXV10 W300 v2.1
# CVE : CVE-2014-0329
# Dork (Shodan): Basic realm="index.htm"
# References: alguienenlafisi.blogspot.com/2014/02/hackeando-el-router-zte-zxv10-w300 ...
The ZTE ZXV10 W300 router contains hard-coded credentials that are usable for the telnet service on the device. The username is "admin" and the password is "XXXXairocon", where "XXXX" is the last four characters of the device's MAC address. The MAC address is obtainable over SNMP with community string public ...