← back
CVE-2014-2321

CVE-2014-2321

EPSS 58.4%◆ VulnCheck KEV
Vexday Risk Score
72High priority
SSVC decision (CISA)
Act
Exploitation + impact → act immediately
Exploit maturity
Functional exploit
Automatable exploit available (Nuclei/Metasploit).
CVSS EPSS 58.4%KEV nãoPoC públicaNuclei simMetasploit Patch
Lifecycle
11 Mar 2014Published on NVD
30 Mar 2016Public PoC
Weaponization speed
750 daysto first PoC
Recommendation: Patch as soon as possible — active exploitation confirmed.
web_shell_cmd.gch on ZTE F460 and F660 cable modems allows remote attackers to obtain administrative access via sendcmd requests, as demonstrated by using "set TelnetCfg" commands to enable a TELNET service with specified credentials.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.