Re: 127 ipTIME router models vulnerable to an unauthenticated RCE by sending a crafted DHCP request

Posted by Pierre Kim on Jul 27

Update on this case:

1) ipTIME responded to CNET Korea about the DHCP RCE on 2015-07-22:
http://www.cnet.co.kr/view/100140730

2) ipTIME released the 9.78 firmwares for 116 routers and finally
credited my work. 172 routers are affected in total and 9.72 firmwares
will be released soon for all the router models to patch the security
problem.

References:
ipTIME N604plus/N604R 외 15종 펌웨어 9.72 배포 -…

Leave a Reply