ZTE H268A security issue

Modem setup, reviews and questions (All brands, including wireless modems)
Post Reply
Posts: 448
Joined: Thu May 15, 2008 11:44 am
Location: Australia, QLD

ZTE H268A security issue

Post by Franpa » Fri Jun 08, 2018 1:06 am

https://www.arnnet.com.au/article/64154 ... p=2&fpid=1
https://www.arnnet.com.au/article/64208 ... -campaign/ ( security threat includs ZTE devices)

Does ZTE currently offer a firmware update to remedy this issue? Does ZTE know if the H268A Modem/Router that was previously offered by Exetel is affected by the issue? Is there a configuration change I can make to thwart the threat? I've already rebooted my device.

What would Exetel do if the security issue resulted in my modem being bricked because of this issue (hypothetical question)?
Windows 10 Pro x64 | Ryzen 3700X | ASUS Crosshair VIII Hero (WiFi) | 16GB 3600MHz RAM | MSI Gamer 1070Ti 8GB | Exetel ZTE H268 Modem

https://www.speedtest.net/result/8729259527 (during low neighbourhood congestion)

Volunteer Site Admin
Posts: 6003
Joined: Mon Nov 13, 2006 1:16 pm
Location: Sydney

Re: ZTE H268A security issue

Post by Dazzled » Fri Jun 08, 2018 7:56 am

It affects Busybox according to my reading. This is the stripped-down Linux interface you will find if you enter by telnet. Later infestations in the device attack controllers. The suggested fix for the system is a factory reset (which replaces the working system including Busybox) and password changes.

It provides an example of why manufacturers should provide a CLI manual for these devices. Some do, others leave it to the inquisitive to find out for themselves.

Post Reply