Hardcoded Password Vulnerability in ZTE ZXV10 W300 Router
CVE-2014-0329

Currently unrated

Key Information:

Vendor

Zte

Status
Zxv10 W300
Vendor
CVE Published:
4 February 2014

What is CVE-2014-0329?

The TELNET service on the ZTE ZXV10 W300 router version 2.1.0 contains a hardcoded password that concludes with 'airocon' for the admin account. This flaw significantly compromises the device's security, as malicious actors can exploit the knowledge of MAC address characters found at the start of the password to gain unauthorized administrative access, thereby potentially allowing full control over the router.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.kb.cert.org/vuls/id/228886
third-party-advisoryx_refsource_CERT-VN
http://packetstormsecurity.com/files/125142/ZTE-ZXV10-W30...
x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/90958
vdb-entryx_refsource_XF

EPSS Score

25% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.