Researchers with Pen Test Partners have found severe flaws in a range of 4G routers from different manufacturers that can result in memory leaks or remote command execution. While the vulnerabilities are very serious, the researchers say they found them “without having to do too much work.”
After Pen Test Partners disclosed the issues to the respective manufacturers, most flaws were fixed. However, the researchers say that not all vendors took the vulnerabilities as seriously as you would expect. They mention that ZTE in particular declined to fix a number of serious flaws in some of its routers, claiming that the devices were end-of-life products, even though this was far from obvious for at least one of the vulnerable devices.
Read more: 4G Router Vulnerabilities Let Attackers Take Full Control