Vulnerability Note VU#600724
ZTE F460/F660 cable modems contain an unauthenticated backdoor
Original Release date: 04 Mar 2014 | Last revised: 19 Mar 2014
ZTE F460/F660 cable modems contain an unauthenticated backdoor.
ZTE F460/F660 cable modems contain an unauthenticated backdoor. The web_shell_cmd.gch script accepts unauthenticated commands that have administrative access to the device. It has been reported that the web_shell_cmd.gch script is sometimes accessible from the WAN interface making exploitation of this backdoor from the Internet possible in certain cases.
Additional details may be found in Rapid7’s R7-2013-18 advisory.
ZTE has provided a statement about this vulnerability.
An unauthenticated attacker can run commands with administrator level access on the device.
We are currently unaware of a practical solution to this problem. Please consider the following workaround.
Remove Affected Script
Users can log into the device and manually delete the web_shell_cmd.gch script.
Vendor Information (Learn More)
VendorStatusDate NotifiedDate UpdatedZTE CorporationAffected-19 Mar 2014If you are a vendor and your product is affected, let
CVSS Metrics (Learn More)
Thanks to Rapid7 for reporting this vulnerability.
This document was written by Jared Allar.
03 Mar 2014
Date First Published:
04 Mar 2014
Date Last Updated:
19 Mar 2014
FeedbackIf you have feedback, comments, or additional information about this vulnerability, please send us email.