Exploitation Summary
EIP tracks 1 public exploit for CVE-2014-0329. PoCs published by Cesar Neira.
AI-analyzed exploit summary This NSE script exploits CVE-2014-0329 by retrieving the MAC address via SNMP and using it to generate hardcoded telnet credentials for ZTE ZXV10 W300 routers. It then attempts to authenticate and dump credentials from the device.
Description
The TELNET service on the ZTE ZXV10 W300 router 2.1.0 has a hardcoded password ending with airocon for the admin account, which allows remote attackers to obtain administrative access by leveraging knowledge of the MAC address characters present at the beginning of the password.
Exploits (1)
This NSE script exploits CVE-2014-0329 by retrieving the MAC address via SNMP and using it to generate hardcoded telnet credentials for ZTE ZXV10 W300 routers. It then attempts to authenticate and dump credentials from the device.