Vulnerability description
Multiple ZTE router panels were detected. These routers have a hardcoded telnet backdoor account that spawns a root shell.
shodan-query: http.html:"ZTE Corporation"
fofa: title="F660"
google: intitle:"F660" intext:"ZTE Corporation"
id: backdoored-zte
info:
  name: ZTE Router Panel - Detect
  author: its0x08
  severity: critical
  verified: true
  description: |
    Multiple ZTE router panels were detected. These routers have a telnet-hardcoded backdoor account that spawns root shell.
    shodan-query: http.html:"ZTE Corporation"
    fofa: title="F660"
    google: intitle:"F660" intext:"ZTE Corporation"
  reference:
    - https://www.exploit-db.com/ghdb/7179
  tags: edb,network,zte,telnet,backdoor,router
  created: 2023/03/27
rules:
  r0:
    request:
      type: go
      data: backdoored-zte
    expression: response.raw.bcontains(b'BusyBox')
expression: r0()