Vulnerability details


ZyXEL routers running SSH-2.0-dropbear_0.46 are affected by a restricted shell escape. The restricted shell isolates users on an interactive console with a limited set of commands, but it does not sufficiently validate user input: by using command substitution, an attacker can execute commands with root privileges.

Successfully tested on ZyXEL models VMG1312-B10A and VMG1312-B10B with firmware versions V1.00(AAJZ.17)C0 and V1.00(AAVS.0)b21.
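
The validation gap described above, shown as an added example that is not from the original advisory or from ZyXEL's firmware: a check that only compares the first word of the input with an allowlist lets substitution syntax through, while a strict per-token allowlist rejects it. The command names, function names and sample inputs are assumptions constructed for illustration.

```python
import re

# Hypothetical allowlist; the advisory does not list the real restricted-shell commands.
ALLOWED = {"ping", "traceroute", "show"}

# Allowlist of argument characters. Anything outside it, including the
# substitution characters `$`, `(`, `)` and the backtick, rejects the line.
SAFE_ARG = re.compile(r"[A-Za-z0-9._:/-]{1,64}")


def weak_check(line):
    """Assumed flawed pattern: only the command word is validated."""
    words = line.split()
    return bool(words) and words[0] in ALLOWED


def strict_parse(line):
    """Return an argv list meant for exec without a shell, or None to reject."""
    argv = line.split()
    if not argv or argv[0] not in ALLOWED:
        return None
    for arg in argv[1:]:
        # Reject unexpected characters and option-style arguments.
        if not SAFE_ARG.fullmatch(arg) or arg.startswith("-"):
            return None
    return argv


def bypasses(lines):
    """Lines the weak check accepts but the strict parser rejects."""
    return [l for l in lines if weak_check(l) and strict_parse(l) is None]


# Constructed sample input, not captured from a device.
SAMPLES = [
    "ping 192.168.1.1",
    "ping $(hostname)",
    "ping `hostname`",
    "reboot",
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(f"{line!r}: weak={weak_check(line)} strict={strict_parse(line)}")
    print("accepted only by the weak check:", bypasses(SAMPLES))
```

The list returned by `strict_parse` is intended to be passed to an exec-style call as separate arguments, so that no shell ever interprets the user's input.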


Gabriel Romero


Red Team Analyst and Security Researcher, passionate about technology.