Hasty Briefsbeta

Bilingual

Unauthenticated RCE in Motorola's MR2600 Router

6 hours ago
  • #Firmware Exploit
  • #Router Security
  • #Vulnerability Disclosure
  • The article details the discovery of an unauthenticated Remote Code Execution (RCE) vulnerability in Motorola's MR2600 router.
  • The vulnerability involves two steps: first, uploading a malicious firmware via a flawed multipart form handler, and second, triggering firmware flashing through an authentication bypass in SOAP handlers.
  • The exploit can be executed by any attacker on the LAN without authentication, and may be remotely exploitable if remote management is enabled on the router.
  • Motorola declined responsibility for the end-of-life MR2600 router, leading to public disclosure of the vulnerability.
  • The author received no bug bounties for reporting vulnerabilities to various vendors, including Motorola.