漏洞描述
【漏洞对象】Eir/Zyxel D1000 【涉及版本】 Eir/Zyxel D1000 【漏洞描述】 EirD1000调制解调器未正确限制TR-064协议,该协议允许远程攻击者通过TCP端口7547执行任意命令,如通过打开对TCP端口80的WAN访问,获取登录密码(默认为Wi-Fi)所展示的密码),并使用NewNTPServer功能。
Eir/Zyxel D1000 Wireless Router-远程代码执行(CVE-2016-10372)
PoC代码
暂无相关漏洞推荐
- POC CVE-2019-19822: TOTOLINK/Realtek Routers - Information Disclosure
- POC CVE-2019-19823: TOTOLINK/Realtek Routers - Information Disclosure
- POC CVE-2019-19825: TOTOLINK/Realtek Routers - CAPTCHA Bypass
- wavlink-router-live-api-cgi-rce: WavLink Router Live API cgi RCE
- (CVE-2025-8765)Datacom DM955 5GT 1200 825.8010.00设备Wireless Basic Settings组件SSID参数跨站脚本漏洞
- POC CVE-2014-2962: Belkin N150 Router 1.00.08/1.00.09 - Path Traversal
- POC CVE-2015-0554: ADB/Pirelli ADSL2/2+ Wireless Router P.DGA4001N - Information Disclosure
- POC CVE-2016-6277: NETGEAR Routers - Remote Code Execution
- POC CVE-2017-15647: FiberHome Routers - Local File Inclusion
- POC CVE-2017-5521: NETGEAR Routers - Authentication Bypass
- POC CVE-2018-0127: Cisco RV132W/RV134W Router - Information Disclosure
- POC CVE-2018-10822: D-Link Routers - Local File Inclusion
- POC CVE-2018-10823: D-Link Routers - Remote Command Injection