Multiple Vulnerabilities Found in ZTE Portable Router

  • Cisco Talos discovered multiple vulnerabilities in the ZTE MF971R LTE portable router.
  • The router's seven discovered flaws make it prone to the execution of arbitrary remote code.
  • Cisco Talos and ZTE have collaborated towards creating an upgrade to fix these vulnerabilities so owners can update to remove them.

Cisco Talos has recently released information on its vulnerability test on the ZTE MF971R LTE portable router. This device is made to function like most other LTE/GSM modems, and this makes it susceptible to exploits in several ways. One of those ways is a specially crafted HTTP request sent out to the targeted device.

For this device, Talos has discovered the following:

The 1320 and 1321 vulnerabilities have to do with stack-based buffer overflows. Any potential attackers can possibly exploit these device flaws to execute arbitrary remote codes. They would need to fulfill a referrer bypass, outlined in 1317, which allows attackers to provide a URL to the victim to trigger get a referer-based mitigation bypass.

In addition, vulnerabilities 1318 and 1319 are cross-site scripting problems that can permit hackers to execute arbitrary JavaScripts on a target’s browser. In such instances, attackers must compel the user to launch an URL raised by the attacker hosting a malicious HTTP request.

Vulnerability 1316 also allows for a configuration file entry overwrite. Finally, vulnerability 1313 allows for a CRLF router vulnerability injection without needing logging in.

Cisco Talos has already communicated the vulnerability details to ZTE to help them resolve the issues and generate an update for active users. ZTE customers using the MF971R LTE portable router are recommended to upgrade to ZTE Corp. MF971R router, versions "wa_inner_version:BD_LVWRGBMF971RV1.0.0B01", "wa_inner_version:BD_PLKPLMF971R1V1.0.0B06", "zte_topsw_goahead - MD5 B2176B393A97B5BA13791FC591D2BE3F" and "zte_topsw_goahead - MD5 bf5ada32c9e8c815bfd51bfb5b8391cb". As per Talos, these versions are not affected by the recently discovered vulnerabilities.

This year, we've seen flaws in other router brands, such as Netgear (which released a fixing update) and Arcadyan.

How to Watch European Athletics Championships 2022 Online From Anywhere
The Athletics action is about to get underway at the 2022 European Championships, and we cannot wait to watch our favorite track...
How to Watch Legacy: The True Story of the LA Lakers Online From Anywhere
A new documentary series featuring LeBron James, Shaquille O'Neal, Magic Johnson, and more will soon premiere, and we're excited to watch it...
How to Watch Sky High Club: Scotland and Beyond Online From Anywhere
The show that tells the stories of the young crew members of the UK's largest regional airline will premiere soon, and we...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari