漏洞描述
【漏洞对象】Eir/Zyxel D1000 【涉及版本】 Eir/Zyxel D1000 【漏洞描述】 EirD1000调制解调器未正确限制TR-064协议,该协议允许远程攻击者通过TCP端口7547执行任意命令,如通过打开对TCP端口80的WAN访问,获取登录密码(默认为Wi-Fi)所展示的密码),并使用NewNTPServer功能。
Eir/Zyxel D1000 Wireless Router-远程代码执行(CVE-2016-10372)
PoC代码
暂无相关漏洞推荐
-
CVE-2021-3297: Zyxel NBG2105 V1.00(AAGU.2)C0 - Authentication Bypass POC
2025-09-01 | Zyxel NBG2105 V1.00(AAGU.2)C0On Zyxel NBG2105 V1.00(AAGU.2)C0 devices, setting the login cookie to 1 provides administrator acces... -
CVE-2022-0342: Zyxel authentication bypass patch analysis POC
2025-09-01 | ZyxelAn authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versio... -
CVE-2022-30525: Zyxel Firewall - OS Command Injection POC
2025-09-01 | Zyxel FirewallAn OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions ... -
CVE-2016-3081: Apache S2-032 Struts RCE POC
2025-09-01 | Apache StrutsApache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when Dynamic Method Invo... -
CVE-2016-3088: ActiveMQ Arbitrary File Write Vulnerability (CVE-2016-3088) POC
2025-09-01 | ActiveMQThe Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to uploa...