
IoPT App

We are here to improve the SoHo security a bit!


The rom-0 backup file contains sensitive information such as the router password. An information disclosure flaw lets anyone download the file without any authentication. The vulnerability is easily identified by requesting /rom-0 with an HTTP GET request. Affected devices include ZTE, TP-Link, ZyNOS, Huawei and many others.

Recommendations

Most vendors have issued patches for their routers, but there are still many routers for which no patch is available. The mitigation is to firewall HTTP from the WAN side.
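
A self-audit of the check and the mitigation described above, as an added example that is not part of the IoPT App or the original page: it sends one unauthenticated GET /rom-0 to a router you administer and classifies the reply. The default address 192.168.1.1, the result labels and the "non-HTML body means file content" heuristic are assumptions.

```python
import http.client

# Assumption: a login or error page starts with one of these markers.
HTML_MARKERS = (b"<!doctype", b"<html", b"<head", b"<?xml")

def classify_rom0_response(status, headers, body):
    """Classify the reply to an unauthenticated GET /rom-0.

    headers: dict with lower-cased names; body: first bytes of the reply.
    """
    ctype = headers.get("content-type", "").lower()
    if status in (401, 403):
        return "auth-required"
    if status in (404, 410):
        return "not-found"
    if 300 <= status < 400:
        return "redirected"          # usually a bounce to the login page
    if status == 200:
        start = body.lstrip()[:64].lower()
        looks_html = ctype.startswith("text/html") or start.startswith(HTML_MARKERS)
        if body and not looks_html:
            return "exposed"         # file content served with no credentials
        return "inconclusive"        # 200 with a login/error page or empty body
    return "inconclusive"

def check_router(host, port=80, timeout=5.0):
    """Send one unauthenticated GET /rom-0 to a router you administer."""
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("GET", "/rom-0")
        resp = conn.getresponse()
        headers = {k.lower(): v for k, v in resp.getheaders()}
        body = resp.read(512)        # a prefix is enough; the backup is not stored
        return classify_rom0_response(resp.status, headers, body)
    except (OSError, http.client.HTTPException):
        return "unreachable"         # filtered, closed or not speaking HTTP
    finally:
        conn.close()

if __name__ == "__main__":
    import sys
    # Assumption: 192.168.1.1 is a common default LAN address; pass your own.
    host = sys.argv[1] if len(sys.argv) > 1 else "192.168.1.1"
    print(host, check_router(host))
```

Run it once from the LAN and once from a host outside the network against the router's WAN address. With HTTP firewalled from the WAN side, the outside run should report "unreachable".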

References

CVE-2014-4019