ZTE H268A security issue

Modem setup, reviews and questions (All brands, including wireless modems)
Post Reply
Franpa
Posts: 409
Joined: Thu May 15, 2008 11:44 am
Location: Australia, QLD

ZTE H268A security issue

Post by Franpa » Fri Jun 08, 2018 1:06 am

https://www.arnnet.com.au/article/64154 ... p=2&fpid=1
https://www.arnnet.com.au/article/64208 ... -campaign/ ( security threat includs ZTE devices)

Does ZTE currently offer a firmware update to remedy this issue? Does ZTE know if the H268A Modem/Router that was previously offered by Exetel is affected by the issue? Is there a configuration change I can make to thwart the threat? I've already rebooted my device.

What would Exetel do if the security issue resulted in my modem being bricked because of this issue (hypothetical question)?
Windows 10 Pro x64 | Intel i7 920 @ 2.66GHZ | ASUS P6T Motherboard | 24GB DDR3 1333MHZ RAM | Gigabyte Geforce 760 4GB | Integrated Sound Card | Corsair AX760 Platinum Power Supply | Exetel ZTE H268 Modem

User avatar
Dazzled
Volunteer Site Admin
Posts: 5990
Joined: Mon Nov 13, 2006 1:16 pm
Location: Sydney

Re: ZTE H268A security issue

Post by Dazzled » Fri Jun 08, 2018 7:56 am

It affects Busybox according to my reading. This is the stripped-down Linux interface you will find if you enter by telnet. Later infestations in the device attack controllers. The suggested fix for the system is a factory reset (which replaces the working system including Busybox) and password changes.

It provides an example of why manufacturers should provide a CLI manual for these devices. Some do, others leave it to the inquisitive to find out for themselves.

Post Reply