Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

ZTE Cable Modem Web Shell

🗓️ 02 Jun 2026 10:14:34Reported by ProjectDiscoveryType 
nuclei
 nuclei🔗 github.com👁 55 Views

ZTE Cable Modem Web Shell allows remote attackers to obtain administrative access, leading to remote code execution. Apply the latest firmware update provided by ZTE to fix the vulnerability

Related
Refs
Code
ReporterTitlePublishedViews
Family
ATTACKERKB		CVE-2014-2321
11 Mar 201400:00
attackerkb
Circl		CVE-2014-2321
24 Oct 202400:00
circl
Check Point Advisories		ZTE F460/F660 Backdoor Unauthorized Access (CVE-2014-2321)
17 Apr 201600:00
checkpoint_advisories
CVE		CVE-2014-2321
11 Mar 201410:00
cve
Cvelist		CVE-2014-2321
11 Mar 201410:00
cvelist
Microsoft Malware Protection		How to proactively defend against Mozi IoT botnet
19 Aug 202118:00
mmpc
Microsoft Secure		How to proactively defend against Mozi IoT botnet
19 Aug 202118:00
mssecure
myhack58		Event tracking: ZTE router SOHO Router)Backdoor has been clear-vulnerability warning-the black bar safety net
14 Apr 201500:00
myhack58
NVD		CVE-2014-2321
11 Mar 201413:01
nvd
OpenVAS		ZTE F460/F660 Backdoor Unauthorized Access Vulnerability (Mar 2014) - Active Check
20 Mar 201400:00
openvas
Rows per page
id: CVE-2014-2321

info:
  name: ZTE Cable Modem Web Shell
  author: geeknik
  severity: critical
  description: |
    ZTE F460 and F660 cable modems allows remote attackers to obtain administrative access via sendcmd requests to web_shell_cmd.gch, as demonstrated by using "set TelnetCfg" commands to enable a TELNET service with specified credentials.
  impact: |
    Remote code execution
  remediation: |
    Apply the latest firmware update provided by ZTE to fix the vulnerability
  reference:
    - https://yosmelvin.wordpress.com/2017/09/21/f660-modem-hack/
    - https://jalalsela.com/zxhn-h108n-router-web-shell-secrets/
    - https://nvd.nist.gov/vuln/detail/CVE-2014-2321
    - http://www.kb.cert.org/vuls/id/600724
    - http://www.myxzy.com/post-411.html
  classification:
    cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C
    cvss-score: 10
    cve-id: CVE-2014-2321
    cwe-id: CWE-264
    epss-score: 0.9201
    epss-percentile: 0.99716
    cpe: cpe:2.3:h:zte:f460:-:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: zte
    product: f460
    shodan-query: cpe:"cpe:2.3:h:zte:f460"
  tags: cve2014,cve,iot,zte,vkev,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/web_shell_cmd.gch"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "please input shell command"
          - "ZTE Corporation. All rights reserved"
        condition: and

      - type: status
        status:
          - 200
# digest: 4a0a0047304502206c7574d787579b5fed27eca059522bbdfa57f54fa8aada5326ba68ef909ce01102210080f1b71518e1581937e1f22f71b33456b179e1cb321266d11ea1ee3d1aff8c9a:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
04 Feb 2026 07:00Current
7.2High risk
Vulners AI Score7.2
CVSS 210
EPSS0.9201
zte cable modemadministrative accessremote code executionfirmware updateremote attackers
55