Skip to content
Nuclei Templates

ZTE Cable Modem Web Shell

ID: CVE-2014-2321

Severity: critical

Author: geeknik

Tags: cve2014,cve,iot,zte

Description

Section titled “Description”

ZTE F460 and F660 cable modems allows remote attackers to obtain administrative access via sendcmd requests to web_shell_cmd.gch, as demonstrated by using “set TelnetCfg” commands to enable a TELNET service with specified credentials.

YAML Source

Section titled “YAML Source”
id: CVE-2014-2321


info:
  name: ZTE Cable Modem Web Shell
  author: geeknik
  severity: critical
  description: |
    ZTE F460 and F660 cable modems allows remote attackers to obtain administrative access via sendcmd requests to web_shell_cmd.gch, as demonstrated by using "set TelnetCfg" commands to enable a TELNET service with specified credentials.
  impact: |
    Remote code execution
  remediation: |
    Apply the latest firmware update provided by ZTE to fix the vulnerability
  reference:
    - https://yosmelvin.wordpress.com/2017/09/21/f660-modem-hack/
    - https://jalalsela.com/zxhn-h108n-router-web-shell-secrets/
    - https://nvd.nist.gov/vuln/detail/CVE-2014-2321
    - http://www.kb.cert.org/vuls/id/600724
    - http://www.myxzy.com/post-411.html
  classification:
    cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C
    cvss-score: 10
    cve-id: CVE-2014-2321
    cwe-id: CWE-264
    epss-score: 0.95464
    epss-percentile: 0.99375
    cpe: cpe:2.3:h:zte:f460:-:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: zte
    product: f460
    shodan-query: cpe:"cpe:2.3:h:zte:f460"
  tags: cve2014,cve,iot,zte


http:
  - method: GET
    path:
      - "{{BaseURL}}/web_shell_cmd.gch"


    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "please input shell command"
          - "ZTE Corporation. All rights reserved"
        condition: and


      - type: status
        status:
          - 200
# digest: 490a0046304402205f05418df3c0ae45e7426404ba67d2bda0a9475ed17950d81d728e12ac9e72430220064ffc27fb6c6ec9915b5f6f78ab10bbcabf5108f5e6ea28cfa6bed6d1380d35:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2014/CVE-2014-2321.yaml"

View on Github