Remote Unauthenticated Root Access via Telnet on Belkin N750 (Firmware Version 1.10.22)

Remote Unauthenticated Root Access via Telnet on Belkin N750 (Firmware Version 1.10.22)

CVE-2018-1146 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

A remote unauthenticated user can enable telnet on the Belkin N750 using firmware version 1.10.22 by sending a crafted HTTP request to set.cgi. When enabled the telnet session requires no password and provides root access.

Learn more about our User Device Pen Test.