KZTech/JatonTec/Neotel JT3500V 4G LTE CPE version 2.0.1 utilizes hard-coded credentials within its Linux distribution image. These sets of credentials are never exposed to the end-user and cannot be changed through…
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE version 2.0.1 generates its SSID and password based on the WAN MAC address.
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE version 2.0.1 has several backdoors and hidden pages that allow for remote code execution, overwriting of the bootrom, and enabling debug mode.
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE version 2.0.1 suffers from an insecure direct object reference vulnerability.
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE version 2.0.1 has an unprotected web management server that is vulnerable to sensitive information disclosure vulnerability. An unauthenticated attacker can visit the syslog page and…
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE version 2.0.1 allows unauthenticated attackers to visit the unprotected /goform/LoadDefaultSettings endpoint and reset the device to its factory default settings. Once the GET request is…
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE version 2.0.1 allows unauthenticated attackers to restart the device with an HTTP GET request to /goform/RestartDevice page.
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE version 2.0.1 is susceptible to an unauthenticated configuration disclosure when direct object reference is made to the export_settings.cgi file using an HTTP GET request. This…
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE version 2.0.1 suffers from a privilege escalation vulnerability. The non-privileged default user (user:user123) can elevate his/her privileges by sending a HTTP GET request to the…
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE version 2.0.1 suffers an insufficient session expiration. This occurs when the web application permits an attacker to reuse old session credentials or session IDs for…