| 제목 | Netis WF-2404 Firmware Version: APR-R4A4-V1.1.124EN-Netis(WF-2404),2010.12.14 16:18. Hardware Allows Activation of Test or Debug Logic at Runtime |
|---|
| 설명 | RealTek RTL8196C chip exposes UART serial debug console on router PCB. Automatically drops you into a root shell without prompting for any authentication. Physical access is required but soldering not required, can be performed trivially without lasting detection.
Simple Attack Example is attached in the Advisory/Exploit section, but full writeups available here.
https://scoozi.substack.com/p/hacking-a-netis-wf-2404-router
https://scoozi.substack.com/p/hacking-a-netis-wf-2404-router-cont
https://scoozi.substack.com/p/hacking-a-netis-wf-2404-router-with
Attempted to contact vendor via phone, no response. No public contact email listed. |
|---|
| 원천 | ⚠️ https://scoozi.substack.com/p/hacking-a-netis-wf-2404-router-with |
|---|
| 사용자 | scoozi (UID 82836) |
|---|
| 제출 | 2025. 03. 15. PM 11:43 (1 년도 ago) |
|---|
| 모더레이션 | 2025. 03. 28. PM 12:48 (13 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 301894 [Netis WF-2404 1.1.124EN UART Local Privilege Escalation] |
|---|
| 포인트들 | 20 |
|---|