Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2014-2321 PoC — ZTE F460/F660 Backdoor 未授权访问漏洞

Source
https://github.com/injectionmethod/Windows-ZTE-Loader
Associated Vulnerability
Title:ZTE F460/F660 Backdoor 未授权访问漏洞 (CVE-2014-2321)
Description:ZTE F460和F660都是中国中兴通讯(ZTE)公司的光纤猫(调制解调器)产品。 ZTE F460和F660光纤调制解调器的web_shell_cmd.gch脚本文件中存在安全漏洞。远程攻击者可通过发送sendcmd请求利用该漏洞获取管理的权限。
Description
Windows ZTE Loader CVE-2014-2321 Requires ZMAP For Windows Or BigEar
Readme
# Windows-ZTE-Loader
- Windows ZTE Loader CVE-2014-2321 Requires ZMAP For Windows Or BigEar
- The application works by handling the output of a running scan via zmap or bigear, that output is piped into the zte application, see your operating systems documentation for piping output from a running program via CMD
File Snapshot

 [4.0K]  /data/pocs/fa1386a627dc28f40954488eae7d58278d9cbb42
├── [ 314]  README.md
└── [4.0K]  ZTE
    ├── [4.0K]  ZTE
    │   ├── [ 189]  App.config
    │   ├── [4.0K]  bin
    │   │   └── [4.0K]  Debug
    │   │       ├── [ 12K]  ZTE.exe
    │   │       ├── [ 189]  ZTE.exe.config
    │   │       ├── [ 42K]  ZTE.pdb
    │   │       └── [ 647]  ZTE.xml
    │   ├── [1.9K]  Module1.vb
    │   ├── [4.0K]  My Project
    │   │   ├── [ 441]  Application.Designer.vb
    │   │   ├── [ 481]  Application.myapp
    │   │   ├── [1.1K]  AssemblyInfo.vb
    │   │   ├── [2.7K]  Resources.Designer.vb
    │   │   ├── [5.5K]  Resources.resx
    │   │   ├── [2.9K]  Settings.Designer.vb
    │   │   └── [ 279]  Settings.settings
    │   ├── [4.0K]  obj
    │   │   └── [4.0K]  Debug
    │   │       ├── [6.6K]  DesignTimeResolveAssemblyReferencesInput.cache
    │   │       ├── [  32]  _IsIncrementalBuild
    │   │       ├── [ 12K]  ZTE.exe
    │   │       ├── [ 42K]  ZTE.pdb
    │   │       ├── [ 180]  ZTE.Resources.resources
    │   │       ├── [4.0K]  ZTE.vbproj.AssemblyReference.cache
    │   │       ├── [  42]  ZTE.vbproj.CoreCompileInputs.cache
    │   │       ├── [ 810]  ZTE.vbproj.FileListAbsolute.txt
    │   │       ├── [  84]  ZTE.vbproj.GenerateResource.cache
    │   │       ├── [   0]  ZTE.vbproj.SuggestedBindingRedirects.cache
    │   │       └── [ 647]  ZTE.xml
    │   └── [4.5K]  ZTE.vbproj
    └── [1.1K]  ZTE.sln

7 directories, 27 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.