[原文]Zoom X3 ADSL modem has a terminal running on port 254 that can be accessed using the default HTML management password, even if the password has been changed for the HTTP interface, which could allow remote attackers to gain unauthorized access.
Discovery is credited to Adam Laurie <email@example.com>.
Zoom Model 5560 X3 ETHERNET ADSL Modem
The Zoom Model 5560 X3 ETHERNET ADSL Modem is reported to contain a default backdoor account.
A remote attacker can gain unauthorized access to the vulnerable appliance and then carry out other attacks against the users of the network.
No exploit is required.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: firstname.lastname@example.org <mailto:email@example.com>.