إرسال #745497: Ziroom Smart Ziroom Smart Gateway (ZH-A0101) ZH-A0101 1.0.1.0 Backdoorالمعلومات

عنوانZiroom Smart Ziroom Smart Gateway (ZH-A0101) ZH-A0101 1.0.1.0 Backdoor
الوصفThe Ziroom Smart Gateway (model ZH-A0101) contains a factory-default Telnet backdoor listening on port 23 (or non-standard port 1022 in some scans). It uses weak/hardcoded default credentials (e.g., username: root/admin, password: admin or empty) granting full root shell access remotely. The backdoor is enabled via a hard-coded startup script (/etc/init.d/telnet) that launches /usr/sbin/telnetd -l /bin/login.sh on boot, restoring default root access even after modifications. This allows unauthenticated or weakly authenticated remote code execution with root privileges, leading to full device compromise and persistent backdoor access. Affected: Confirmed on firmware x.x.x.x (released 2020-04-15). Potentially earlier versions. Reference: Manufacturer download center https://ziruai.cn/ Disclosure: Discovered and publicly disclosed 2026-01-23. File system extracted via UART shell.
المصدر⚠️ https://github.com/Blackhole23-Lab/-
المستخدم
 xxyNB (UID 94808)
ارسال23/01/2026 10:23 AM (5 أشهر منذ)
الاعتدال03/02/2026 01:53 PM (11 days later)
الحالةتمت الموافقة
إدخال VulDB343976 [Ziroom ZHOME A0101 1.0.1.0 Dropbear SSH Service تنفيذ التعليمات البرمجية عن بُعد]
النقاط20

التالي نظرة عامة السابق

Do you want to use VulDB in your project?

Use the official API to access entries easily!