CVE-2015-7258
CVE-2015-7258
ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow remote authenticated users to obtain user passwords by displaying user information in a Telnet connection.
Affected products
n/a · n/apublic PoCs found — 4
cve_referencepacketstormsecurity.com/files/134336/ZTE-ADSL-Authorization-Bypass-Information-Disclosure.htmlunverifiedcve_referencepacketstormsecurity.com/files/134493/ZTE-ADSL-ZXV10-W300-Authorization-Disclosure-Backdoor.htmlunverifiedcve_referencewww.exploit-db.com/exploits/38772/unverifiedexploitdbwww.exploit-db.com/exploits/38772unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://packetstormsecurity.com/files/134336/ZTE-ADSL-Authorization-Bypass-Information-Disclosure.htmlhttp://packetstormsecurity.com/files/134493/ZTE-ADSL-ZXV10-W300-Authorization-Disclosure-Backdoor.htmlhttp://seclists.org/fulldisclosure/2015/Nov/48https://www.exploit-db.com/exploits/38772/