ZTE MF971R goform_get_cmd_process Config Control External config control vulnerability [CVE-2021-21744]
CVE number = CVE-2021-21744
An exploitable Pre-Auth Configuration File Control vulnerability exists in ZTE MF971R LTE router version wa_inner_version:BD_PLKPLMF971R1V1.0.0B06.
This vulnerability is present in goform_get_cmd_process API-related code, which is a part of the ZTE MF971R web applications. A specially-crafted URL sent by an attacker and visited by a victim can lead to arbitrary configuration file entry overwrite with a null byte.
A specially-crafted HTTP request can cause a configuration file entry overwrite.
An attacker needs to provide a URL to the victim to trigger the vulnerability.
Discovered by Marcin ‘Icewall’ Noga of Cisco Talos.
Duncan is a technology professional with over 20 years' experience of working in various IT roles. He has an interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.