Attack: ZTE Router Backdoor Activity

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to execute arbitrary commands with administrator-level access on the affected device. This may aid in further attacks.

Additional Information

ZTE F460/F660 are cable modems.

ZTE F460/F660 are prone to an unauthorized-access vulnerability. Specifically, this issue occurs because the 'web_shell_cmd.gch' script accepts unauthenticated commands and runs them with administrative access to the device.

Attackers can exploit this issue to execute arbitrary commands with administrator-level access on the affected device. This may aid in further attacks.
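
For defenders who want to check their own logs for this activity, the following is an added example, not Symantec's signature logic. It assumes HTTP access logs in Common/Combined Log Format from a proxy or gateway that sees traffic to the devices; the function names and the sample lines are constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import unquote, urlsplit

SCRIPT = "web_shell_cmd.gch"  # script name given in the advisory

# Common/Combined Log Format: src ident user [time] "METHOD target PROTO" status ...
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3}) ')

def requested_file(target):
    """Return the lower-cased, percent-decoded last path segment of a request target."""
    path = urlsplit(target).path          # drops the query string and fragment
    for _ in range(2):                    # second pass catches double encoding (%255F)
        path = unquote(path)
    return path.rstrip("/").rsplit("/", 1)[-1].lower()

def find_hits(lines):
    """Return one record per request whose target file is the backdoor script."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue                      # not an access-log line
        src, when, method, target, status = m.groups()
        # Only the request target is inspected, so a Referer that merely
        # mentions the script name does not produce a hit.
        if requested_file(target) == SCRIPT:
            # A 2xx answer means something served the script: triage that device first.
            hits.append({"src": src, "time": when, "method": method,
                         "responded": status.startswith("2")})
    return hits

def hits_by_source(hits):
    """Count hits per source address to separate one-off probes from repeat callers."""
    return dict(Counter(h["src"] for h in hits))

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE = [
    '203.0.113.7 - - [01/Jan/2024:06:25:01 +0000] "GET /web_shell_cmd.gch HTTP/1.1" 200 512 "-" "-"',
    '198.51.100.23 - - [01/Jan/2024:06:26:10 +0000] "POST /web%5Fshell%5Fcmd.gch HTTP/1.1" 404 0 "-" "-"',
    '192.0.2.50 - - [01/Jan/2024:06:27:00 +0000] "GET /index.html HTTP/1.1" 200 1024 "http://example.test/web_shell_cmd.gch" "-"',
    '203.0.113.7 - - [01/Jan/2024:06:28:44 +0000] "GET /WEB_SHELL_CMD.GCH?a=1 HTTP/1.0" 200 20 "-" "-"',
]

if __name__ == "__main__":
    for hit in find_hits(SAMPLE):
        print(hit)
    print(hits_by_source(find_hits(SAMPLE)))
```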

Affected

  • ZTE F460/F660