CVE-2021-21748
published 2021-10-20CVE-2021-21748: ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerabilities to execute arbitrary code.
PriorityP356critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
1.72%
74.6th percentile
ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerabilities to execute arbitrary code.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| zte | mf971r_firmware | — | — |
| zte | mf971r_firmware | — | — |
| zte | mf971r_firmware | — | — |
| zte | mf971r_firmware | — | — |
| zte | mf971r_firmware | — | — |
| zte | mf971r_firmware | — | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Talos
The many vulnerabilities Talos discovered in SOHO and industrial wireless routers post-VPNFilter
blogs_talos·2023-08-02
The many vulnerabilities Talos discovered in SOHO and industrial wireless routers post-VPNFilter
## The many vulnerabilities Talos discovered in SOHO and industrial wireless routers post-VPNFilter
Since the discovery of the widespread VPNFilter malware in 2018 , Cisco Talos researchers have been researching vulnerabilities in small and home office (SOHO) and industrial routers.
During that research, Talos has worked with vendors to report and mitigate these vulnerabilities, totaling 141 advisories covering 289 CVEs across multiple routers.
Talos is highlighting some of the major issues our researchers discovered over the past several years, including vulnerabilities that an attacker could mostly directly access or those an adversary could chain together to gain elevated access to the devices.
There are several Snort rules that can detect possible exploitation of the vulnerabilitie
Talos
The many vulnerabilities Talos discovered in SOHO and industrial wireless routers post-VPNFilter
blogs_talos·2023-08-02
The many vulnerabilities Talos discovered in SOHO and industrial wireless routers post-VPNFilter
- Since the discovery of the widespread VPNFilter malware in 2018, Cisco Talos researchers have been researching vulnerabilities in small and home office (SOHO) and industrial routers.
- During that research, Talos has worked with vendors to report and mitigate these vulnerabilities, totaling 141 advisories covering 289 CVEs across multiple routers.
- Talos is highlighting some of the major issues our researchers discovered over the past several years, including vulnerabilities that an attacker could mostly directly access or those an adversary could chain together to gain elevated access to the devices.
- There are several Snort rules that can detect possible exploitation of the vulnerabilities included in this post.
Small office/home office (SOHO) routers and small-scale industrial rout
Talos
Deep dive: Vulnerabilities in ZTE router could lead to complete attacker control of the device
blogs_talos·2022-03-07·CVSS 4.3
CVE-2021-21748 [MEDIUM] Deep dive: Vulnerabilities in ZTE router could lead to complete attacker control of the device
## Deep dive: Vulnerabilities in ZTE router could lead to complete attacker control of the device
Cisco Talos’ vulnerability research team disclosed multiple vulnerabilities in the ZTE MF971R wireless hotspot and router in October. Several months removed from that disclosure and ZTE’s patch, we decided to take an even closer look at two of these vulnerabilities — CVE-2021-21748 and CVE-2021-21745 — to show how they could be chained together by an attacker to completely take over a device.
In our latest research paper , Marcin Noga, the researcher who discovered these vulnerabilities, walks through the process of how he discovered these vulnerabilities and shows the worst-case scenario for a user should an attacker choose to exploit these issues. You can read the full paper by clicking on
Talos
Deep dive: Vulnerabilities in ZTE router could lead to complete attacker control of the device
blogs_talos·2022-03-07·CVSS 4.3
CVE-2021-21748 [MEDIUM] Deep dive: Vulnerabilities in ZTE router could lead to complete attacker control of the device
Cisco Talos’ vulnerability research team disclosed multiple vulnerabilities in the ZTE MF971R wireless hotspot and router in October. Several months removed from that disclosure and ZTE’s patch, we decided to take an even closer look at two of these vulnerabilities — CVE-2021-21748 and CVE-2021-21745 — to show how they could be chained together by an attacker to completely take over a device.
In our latest research paper, Marcin Noga, the researcher who discovered these vulnerabilities, walks through the process of how he discovered these vulnerabilities and shows the worst-case scenario for a user should an attacker choose to exploit these issues. You can read the full paper by clicking on the button to the right, and watch the video above to see a snippet of this attack vector.
Talos
Vulnerability Spotlight: Multiple vulnerabilities in ZTE MF971R LTE router
blogs_talos·2021-10-18·CVSS 4.3
[MEDIUM] Vulnerability Spotlight: Multiple vulnerabilities in ZTE MF971R LTE router
Cisco Talos recently discovered multiple vulnerabilities in the ZTE MF971R LTE portable router.
The MF971R is a portable router with Wi-Fi support and works as an LTE/GSM modem. An attacker could exploit all these vulnerabilities by sending a specially crafted HTTP request to the targeted device.
TALOS-2021-1320 and TALOS-2021-1321 are stack-based buffer overflow vulnerabilities. An attacker could exploit these issues to execute arbitrary remote code on the targeted device. As part of these exploits, the attacker needs to complete a referrer bypass, which is outlined in TALOS-2021-1317.
TALOS-2021-1318 and TALOS-2021-1319 are pre-authentication, cross-site scripting vulnerabilities that an attacker could use to execute arbitrary JavaScript in the victim’s browser in a context of a route
Talos
Vulnerability Spotlight: Multiple vulnerabilities in ZTE MF971R LTE router
blogs_talos·2021-10-18·CVSS 4.3
[MEDIUM] Vulnerability Spotlight: Multiple vulnerabilities in ZTE MF971R LTE router
## Vulnerability Spotlight: Multiple vulnerabilities in ZTE MF971R LTE router
Cisco Talos recently discovered multiple vulnerabilities in the ZTE MF971R LTE portable router.
The MF971R is a portable router with Wi-Fi support and works as an LTE/GSM modem. An attacker could exploit all these vulnerabilities by sending a specially crafted HTTP request to the targeted device.
TALOS-2021-1320 and TALOS-2021-1321 are stack-based buffer overflow vulnerabilities. An attacker could exploit these issues to execute arbitrary remote code on the targeted device. As part of these exploits, the attacker needs to complete a referrer bypass, which is outlined in TALOS-2021-1317 .
TALOS-2021-1318 and TALOS-2021-1319 are pre-authentication, cross-site scripting vulnerabilities that an attacker could use
2021-10-20
Published