- #CONFIGURING HUAWEI HG532E UPGRADE#
- #CONFIGURING HUAWEI HG532E PRO#
- #CONFIGURING HUAWEI HG532E CODE#
- #CONFIGURING HUAWEI HG532E SERIES#
#CONFIGURING HUAWEI HG532E CODE#
Pay more attention to the code near the functions like snprintf() and system().
#CONFIGURING HUAWEI HG532E UPGRADE#
Then, this program did the following joint and called system() function to execute finally. The definition of the function ATP_XML_GetChildNodeByName as below:įirstly, this program did the parse of SOAP XML message and received the value of two elements, NewDownloadURL and NewStatusURL.
Keeping track of the cross-referenced data
#CONFIGURING HUAWEI HG532E PRO#
Universal Plug and Play (UPnP) is a set of networking protocols that permits networked devices, such as personal computers, printers, Internet gateways, Wi-Fi access points and mobile devices to seamlessly discover each other's presence on the network and establish functional network services for data sharing, communications, and entertainment.ĭirectly analyzing the code-named "upnp", responsible for UPnP service, with IDA pro and utilizing the string, "NewStatusURL", to locate the vulnerability point. Vulnerability AnalyzationĪccording to the report of Check Point 【1】, the vulnerability point of the RCE vulnerability is located in the UPnP service. The target system is 32-bit, big-endian MIPS architecture. There is a public firmware, HG532e version, available on the Internet.Īfter downloading, directly using binwalk to extract it.
Vulnerability Analyzation Download Firmware On Nor.23, ZoomEye Network Detector System also had captured this payload. The main function of this payload is to send elaborated UDP/TCP message so as to launch DDoS(Distributed Denial of Service) against targets, which is pretty simple. The delivered payload has been identified as OKIRU/SATORI, an updated variant of Mirai. On Nov.27,Check Point researchers reported an RCE(remote command execution) vulnerability (CVE-2017-17215) related to Huawei HG532 Routers 【1】.īefore being discovered and reported, this unnoticed Zero-Day vulnerability had already attracted numerous attacks on the Internet, and many exploit packages have already spread all over the world in many countries and regions.
#CONFIGURING HUAWEI HG532E SERIES#
Huawei HG532 Series Router is a high-speed wireless router designed for household and small office customers.