RSS   Vulnerabilities for 'T2200h firmware'   RSS

2019-06-17
 
CVE-2019-12789

CWE-264
 

 
An issue was discovered on Actiontec T2200H T2200H-31.128L.08 devices, as distributed by Telus. By attaching a UART adapter to the UART pins on the system board, an attacker can use a special key sequence (Ctrl-\) to obtain a shell with root privileges. After gaining root access, the attacker can mount the filesystem read-write and make permanent modifications to the device including bricking of the device, disabling vendor management of the device, preventing automatic upgrades, and permanently installing malicious code on the device.

 

 >>> Vendor: Actiontec 4 Products
ncs01 firmware
C1000a firmware
T2200h firmware
Web6000q firmware


Copyright 2024, cxsecurity.com

 

Back to Top