| Título | Netis WF-2404 Firmware Version: APR-R4A4-V1.1.124EN-Netis(WF-2404),2010.12.14 16:18. Hardware Allows Activation of Test or Debug Logic at Runtime |
|---|
| Descrição | RealTek RTL8196C chip exposes UART serial debug console on router PCB. Automatically drops you into a root shell without prompting for any authentication. Physical access is required but soldering not required, can be performed trivially without lasting detection.
Simple Attack Example is attached in the Advisory/Exploit section, but full writeups available here.
https://scoozi.substack.com/p/hacking-a-netis-wf-2404-router
https://scoozi.substack.com/p/hacking-a-netis-wf-2404-router-cont
https://scoozi.substack.com/p/hacking-a-netis-wf-2404-router-with
Attempted to contact vendor via phone, no response. No public contact email listed. |
|---|
| Fonte | ⚠️ https://scoozi.substack.com/p/hacking-a-netis-wf-2404-router-with |
|---|
| Utilizador | scoozi (UID 82836) |
|---|
| Submissão | 15/03/2025 23h43 (há 1 Ano) |
|---|
| Moderação | 28/03/2025 12h48 (13 days later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 301894 [Netis WF-2404 1.1.124EN UART Local Privilege Escalation] |
|---|
| Pontos | 20 |
|---|