| タイトル | Netis WF-2404 Router Firmware Version: APR-R4A4-V1.1.124EN-Netis(WF-2404),2010.12.14 16:18. Inclusion of Undocumented Features or Chicken Bits |
|---|
| 説明 | RealTek RTL8196C chip on router PCB exposes UART serial debug console that gives you a root shell without prompting for any authentication. Physical access is required but soldering not required, can be performed trivially without lasting detection.
The BusyBox shell includes unadvertised "flash" command, which allows user to read and write flash parameters in Management Information Base. This includes current and default usernames and passwords for the admin portal at 192.168.1.1, which are stored in cleartext in case an attacker simply wanted to read the password and be able to log in to the admin console and not change credentials so as to be stealthier.
Attack example in Advisory/Exploit Section, but full writeups available here:
https://scoozi.substack.com/p/hacking-a-netis-wf-2404-router
https://scoozi.substack.com/p/hacking-a-netis-wf-2404-router-cont
https://scoozi.substack.com/p/hacking-a-netis-wf-2404-router-with |
|---|
| ソース | ⚠️ https://scoozi.substack.com/p/hacking-a-netis-wf-2404-router-with |
|---|
| ユーザー | scoozi (UID 82836) |
|---|
| 送信 | 2025年03月15日 23:57 (1 年 ago) |
|---|
| モデレーション | 2025年03月28日 12:48 (13 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 301897 [Netis WF-2404 1.1.124EN BusyBox Shell 弱い暗号化] |
|---|
| ポイント | 20 |
|---|