CVE-2014-2321 PoC — ZTE F460/F660 Backdoor 未授权访问漏洞

Source

https://github.com/injectionmethod/ZTE-Vuln-4-Skids

Associated Vulnerability

Title:ZTE F460/F660 Backdoor 未授权访问漏洞 (CVE-2014-2321)
Description:ZTE F460和F660都是中国中兴通讯（ZTE）公司的光纤猫（调制解调器）产品。 ZTE F460和F660光纤调制解调器的web_shell_cmd.gch脚本文件中存在安全漏洞。远程攻击者可通过发送sendcmd请求利用该漏洞获取管理的权限。

Description

Archive: Exploit https://www.cvedetails.com/cve/CVE-2014-2321/ For CentOS

File Snapshot


 [4.0K]  /data/pocs/2fcb8b65f923f16213641f734b99f9c29cf13880
└── [4.0K]  ZTE ARCHIVE
    ├── [1.5K]  setup.txt
    ├── [4.0K]  zmap
    │   ├── [  73]  pass_file
    │   ├── [ 465]  Scanner.sh
    │   ├── [836K]  update
    │   └── [ 565]  zmap.sh
    └── [4.0K]  ZTE
        ├── [207K]  niglit.lst
        ├── [122K]  zte2.lst
        ├── [122K]  zte2.txt
        ├── [1.4K]  zte.go
        └── [252K]  zte.lst

3 directories, 10 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!