Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2014-2321

EPSS 92.01% · P100
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2014-2321

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
web_shell_cmd.gch on ZTE F460 and F660 cable modems allows remote attackers to obtain administrative access via sendcmd requests, as demonstrated by using "set TelnetCfg" commands to enable a TELNET service with specified credentials.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
ZTE F460/F660 Backdoor 未授权访问漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
ZTE F460和F660都是中国中兴通讯(ZTE)公司的光纤猫(调制解调器)产品。 ZTE F460和F660光纤调制解调器的web_shell_cmd.gch脚本文件中存在安全漏洞。远程攻击者可通过发送sendcmd请求利用该漏洞获取管理的权限。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2014-2321

#POC DescriptionSource LinkShenlong Link
1Archive: Exploit https://www.cvedetails.com/cve/CVE-2014-2321/ For CentOShttps://github.com/injectionmethod/ZTE-Vuln-4-SkidsPOC Details
2Windows ZTE Loader CVE-2014-2321 Requires ZMAP For Windows Or BigEarhttps://github.com/injectionmethod/Windows-ZTE-LoaderPOC Details
3ZTE F460 and F660 cable modems allows remote attackers to obtain administrative access via sendcmd requests to web_shell_cmd.gch, as demonstrated by using "set TelnetCfg" commands to enable a TELNET service with specified credentials. https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2014/CVE-2014-2321.yamlPOC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2014-2321

登录查看更多情报信息。

Same Patch Batch · n/a · 2014-03-11 · 42 CVEs total

CVE-2014-0049Linux kernel‘complete_emulated_mmio’函数缓冲区错误漏洞
CVE-2013-5639Gnew 目录遍历漏洞
CVE-2014-0004udisks 缓冲区错误漏洞
CVE-2014-0106Sudo 输入验证漏洞
CVE-2014-1838Python logilab-common Package 不安全文件创建漏洞
CVE-2014-1839logilab-commons shellutils模块安全漏洞
CVE-2014-2311MODX System MODx SQL注入漏洞
CVE-2013-6031Huawei E355 安全漏洞
CVE-2013-6037Aker Secure Mail Gateway 跨站脚本漏洞
CVE-2013-6200HP HP-UX 安全漏洞
CVE-2013-6207HP SiteScope 安全漏洞
CVE-2013-4467VICIDIAL ‘manager_send.php’SQL注入漏洞
CVE-2014-0100Linux kernel‘inet_frag_intern’函数竞争条件漏洞
CVE-2014-0101Linux kernel 代码问题漏洞
CVE-2014-0102Linux kernel‘keyring_detect_cycle_iterator’函数加密问题漏洞
CVE-2014-0899IBM AIX WPAR ftpd 安全绕过漏洞
CVE-2014-2281Wireshark NFS解析器输入验证漏洞
CVE-2014-2282Wireshark M3UA解析器缓冲区溢出漏洞
CVE-2014-2283Wireshark RLC解析器缓冲区溢出漏洞
CVE-2014-2299Wireshark MPEG文件解析器缓冲区溢出漏洞

Showing top 20 of 42 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2014-2321

No comments yet

Leave a comment