Multiple Vulnerabilities Found in ZTE Portable Router

  • Cisco Talos discovered multiple vulnerabilities in the ZTE MF971R LTE portable router.
  • The router's seven discovered flaws make it prone to the execution of arbitrary remote code.
  • Cisco Talos and ZTE have collaborated towards creating an upgrade to fix these vulnerabilities so owners can update to remove them.

Cisco Talos has recently released information on its vulnerability test on the ZTE MF971R LTE portable router. This device is made to function like most other LTE/GSM modems, and this makes it susceptible to exploits in several ways. One of those ways is a specially crafted HTTP request sent out to the targeted device.

For this device, Talos has discovered the following:

The 1320 and 1321 vulnerabilities have to do with stack-based buffer overflows. Any potential attackers can possibly exploit these device flaws to execute arbitrary remote codes. They would need to fulfill a referrer bypass, outlined in 1317, which allows attackers to provide a URL to the victim to trigger get a referer-based mitigation bypass.

In addition, vulnerabilities 1318 and 1319 are cross-site scripting problems that can permit hackers to execute arbitrary JavaScripts on a target’s browser. In such instances, attackers must compel the user to launch an URL raised by the attacker hosting a malicious HTTP request.

Vulnerability 1316 also allows for a configuration file entry overwrite. Finally, vulnerability 1313 allows for a CRLF router vulnerability injection without needing logging in.

Cisco Talos has already communicated the vulnerability details to ZTE to help them resolve the issues and generate an update for active users. ZTE customers using the MF971R LTE portable router are recommended to upgrade to ZTE Corp. MF971R router, versions "wa_inner_version:BD_LVWRGBMF971RV1.0.0B01", "wa_inner_version:BD_PLKPLMF971R1V1.0.0B06", "zte_topsw_goahead - MD5 B2176B393A97B5BA13791FC591D2BE3F" and "zte_topsw_goahead - MD5 bf5ada32c9e8c815bfd51bfb5b8391cb". As per Talos, these versions are not affected by the recently discovered vulnerabilities.

This year, we've seen flaws in other router brands, such as Netgear (which released a fixing update) and Arcadyan.

REVIEW OVERVIEW

Latest

Why Is Demon Slayer So Popular?

In August 2019, the world suddenly started talking about an anime series that had just released its nineteenth episode. Fast forward to...

F1 Live Stream 2022: How to Watch Formula 1 Without Cable

There's not much time until the 2022 Formula 1 World Championship gets underway - the first race is scheduled for late March,...

Disney+ Announces Basketball Series Inspired By Award-Winning Book The Crossover

Disney Plus announced a new basketball-themed drama series that is set to land on the streaming platform, drawing inspiration from the critically...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari