Multiple Vulnerabilities Found in ZTE Portable Router

By Supriyo Chatterji / October 19, 2021

Cisco Talos has recently released information on its vulnerability test on the ZTE MF971R LTE portable router. This device is made to function like most other LTE/GSM modems, and this makes it susceptible to exploits in several ways. One of those ways is a specially crafted HTTP request sent out to the targeted device.

For this device, Talos has discovered the following:

The 1320 and 1321 vulnerabilities have to do with stack-based buffer overflows. Any potential attackers can possibly exploit these device flaws to execute arbitrary remote codes. They would need to fulfill a referrer bypass, outlined in 1317, which allows attackers to provide a URL to the victim to trigger get a referer-based mitigation bypass.

In addition, vulnerabilities 1318 and 1319 are cross-site scripting problems that can permit hackers to execute arbitrary JavaScripts on a target’s browser. In such instances, attackers must compel the user to launch an URL raised by the attacker hosting a malicious HTTP request.

Vulnerability 1316 also allows for a configuration file entry overwrite. Finally, vulnerability 1313 allows for a CRLF router vulnerability injection without needing logging in.

Cisco Talos has already communicated the vulnerability details to ZTE to help them resolve the issues and generate an update for active users. ZTE customers using the MF971R LTE portable router are recommended to upgrade to ZTE Corp. MF971R router, versions "wa_inner_version:BD_LVWRGBMF971RV1.0.0B01", "wa_inner_version:BD_PLKPLMF971R1V1.0.0B06", "zte_topsw_goahead - MD5 B2176B393A97B5BA13791FC591D2BE3F" and "zte_topsw_goahead - MD5 bf5ada32c9e8c815bfd51bfb5b8391cb". As per Talos, these versions are not affected by the recently discovered vulnerabilities.

This year, we've seen flaws in other router brands, such as Netgear (which released a fixing update) and Arcadyan.

For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari