10.09.2019

Zxv10 W300 Router Firmware

Zxv10 W300 Router Firmware Rating: 3,5/5 5204 votes
Zxv10 W300 Router FirmwareZxv10 W300 Router Firmware
ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the PPPoE/PPPoA password via a direct request for basic/tc2wanfun.js.
Publish Date : 2014-07-16 Last Update Date : 2014-07-16
Scroll To Comments External Links

- CVSS Scores & Vulnerability Types

CVSS Score
Confidentiality ImpactPartial(There is considerable informational disclosure.)
Integrity ImpactNone(There is no impact to the integrity of the system)
Availability ImpactNone(There is no impact to the availability of the system.)
Access ComplexityLow(Specialized access conditions or extenuating circumstances do not exist. Very little knowledge or skill is required to exploit. )
AuthenticationNot required(Authentication is not required to exploit the vulnerability.)
Gained AccessNone
Vulnerability Type(s)Obtain Information
CWE ID264

- Products Affected By CVE-2014-4154

#Product TypeVendorProductVersionUpdateEditionLanguage
1 Hardware ZTEZxv10 W300 - Version DetailsVulnerabilities
2 OS ZTEZxv10 W300 Firmware 1.0.0a Zrd Lk Version DetailsVulnerabilities

- Number Of Affected Versions By Product

Vendor Product Vulnerable Versions
ZTEZxv10 W300 1
ZTEZxv10 W300 Firmware 1

- References For CVE-2014-4154

http://packetstormsecurity.com/files/127129/ZTE-WXV10-W300-Disclosure-CSRF-Default.html
Exploit!http://www.exploit-db.com/exploits/33803
EXPLOIT-DB 33803 ZTE WXV10 W300 - Multiple Vulnerabilities Author:Osanda Malith Release Date:2014-06-18 (hardware) webapps
https://osandamalith.wordpress.com/2014/06/15/zte-wxv10-w300-multiple-vulnerabilities/

- Metasploit Modules Related To CVE-2014-4154

There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information)

Zxv10 W300 Router Firmware Download

Page 34 ZXV10 W300 Wireless ADSL Router User's Manual Log on to the device using the username “admin”. Click the Advanced button on the web page to enter the Advanced - UpnP page, as shown in FIGURE 14. FIGURE 14 Advanced-UPnP Click UpnP on the left side of the page to enter the UPnP configuration page. Configuration procedure, step by step, by image and sound in less than 5 minutes, of the ZTE ZXV10 W300 modem as a router, how to secure the wireless network, static IP and Ports configuration.