January 16 2023

ReSolver researcher discovered a backdoor in ZyXEL LTE3301-M209 LTE routers.

CVE-2022-40602 concerns hard-coded credentials, by analogy with similar Telnet problems in the D-Link DWR-921. The researcher analyzed the ELF, focusing on the amit features that had contained the loophole in D-Link routers.

The firmware is essentially three partitions merged together: the LZMA partition is the kernel, the root-fs is at 0x148CD6, and the contents of www are at 0x90BD36.

Inside the last SquashFS there is a file that contains the target Zlib bytes at 0x10. Although he did not find the Telnet credentials, he found something similar to a backdoor in the web interface.
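As an added example (not the researcher's tooling and not code from the original post), the Python sketch below checks a firmware image against the layout described above: it looks for a SquashFS superblock at each of the two quoted offsets and reports version, compressor and whether the partitions overlap or run past the end of the file. It assumes both regions are SquashFS 4.x images; the function names and the zero-filled sample image are constructed for illustration.

```python
import struct

ROOTFS_OFFSET = 0x148CD6   # root-fs offset quoted in the article
WWW_OFFSET = 0x90BD36      # www offset quoted in the article
COMPRESSORS = {1: "gzip", 2: "lzma", 3: "lzo", 4: "xz", 5: "lz4", 6: "zstd"}
FIELDS = "IIIIHHHHHHQQ"    # SquashFS 4.x superblock fields that follow the magic


def read_superblock(image, offset):
    """Parse a SquashFS 4.x superblock at offset; None if no magic is there."""
    head = image[offset:offset + 48]
    endian = {b"hsqs": "<", b"sqsh": ">"}.get(bytes(head[:4]))
    if endian is None or len(head) < 48:
        return None
    (_, _, block_size, _, comp, _, _, _, major, minor, _, used) = struct.unpack(
        endian + FIELDS, head[4:])
    return {"version": f"{major}.{minor}", "block_size": block_size,
            "compressor": COMPRESSORS.get(comp, f"unknown({comp})"),
            "end": offset + used}


def check_layout(image):
    """Return parsed partitions plus any missing/overlapping/truncated findings."""
    parts = {"root-fs": read_superblock(image, ROOTFS_OFFSET),
             "www": read_superblock(image, WWW_OFFSET)}
    problems = [f"{n}: no SquashFS superblock" for n, p in parts.items() if not p]
    if parts["root-fs"] and parts["root-fs"]["end"] > WWW_OFFSET:
        problems.append("root-fs: runs past the www offset")
    if parts["www"] and parts["www"]["end"] > len(image):
        problems.append("www: image is truncated")
    return parts, problems


def constructed_image(www_size=0x2000):
    """Constructed sample: zero-filled blob with two fake superblocks."""
    def sb(used, comp):
        return b"hsqs" + struct.pack("<" + FIELDS, 0, 0, 131072, 0, comp,
                                     17, 0, 0, 4, 0, 0, used)
    image = bytearray(WWW_OFFSET + 0x2000)
    image[ROOTFS_OFFSET:ROOTFS_OFFSET + 48] = sb(WWW_OFFSET - ROOTFS_OFFSET, 4)
    image[WWW_OFFSET:WWW_OFFSET + 48] = sb(www_size, 1)
    return bytes(image)


if __name__ == "__main__":
    parts, problems = check_layout(constructed_image())
    for name, info in parts.items():
        print(name, info)
    print("problems:", problems or "none")
```

A mismatch at either offset usually means the image is a different firmware revision or model, which is worth knowing before comparing a patched build against an unpatched one.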

On September 12, 2022, he notified ZyXEL of the vulnerability by sending technical details. Two days later, ZyXEL confirmed the problems and noted that the bugs only affect the LTE3301-M209 model.

On October 19, the bug was assigned a CVE, and on November 22, the ZyXEL security bulletin was published and a firmware fix was released.

Zyxel PSIRT decided not to disclose credentials to prevent mass exploitation in the wild.

Owners of affected devices need to update them to the latest firmware version as soon as possible.
