Updated - 172 ipTIME router models vulnerable to an unauthenticated RCE by sending a crafted DHCP request - A slice of Kimchi

Updated - 172 ipTIME router models vulnerable to an unauthenticated RCE by sending a crafted DHCP request

ipTIME responded to CNET Korea about the DHCP RCE on 2015-07-22 - Original advisory.

ipTIME released the 9.78 firmwares for 116 routers and finally credited my work. 172 products are affected in total and 9.72 firmwares will be released soon for all the router models to patch the security problem.

References:

ipTIME N604plus/N604R 외 15종 9.72 배포
ipTIME N702BCM/N704BCM외 7종 펌웨어 9.72배포
ipTIME A5004NS 외 5종 펌웨어 9.72 배포
ipTIME A2004NS/A604 외 70 종 펌웨어 9.72 배포
ipTIME 구형 제품군 15종 펌웨어 9.72 배포

published on 2015-07-27 00:00:00 by Pierre Kim <pierre.kim.sec@gmail.com>

A slice of Kimchi - IT Security Blog

Updated - 172 ipTIME router models vulnerable to an unauthenticated RCE by sending a crafted DHCP request