Victure RX1800 Weak Default Password Vulnerability

A vulnerability exists in the Victure RX1800 Wi-Fi router, specifically in the firmware version EN_V1.0.0_r12_110933, due to the use of a weak default password. This password consists of the last eight digits of the device's MAC address, converted to lowercase. The vulnerability allows unauthorized access to the router, as the default password is easily predictable.

Impact

Exploitation of this vulnerability allows for unauthorized access to the router, with the default password enabling login as the root user via SSH or Telnet. This access could lead to further exploitation, such as executing arbitrary commands or gaining persistent access through backdoored services.

Reproduction

The vulnerability can be reproduced by resetting the router to its factory settings, which will restore the default password. This password can then be used to log into the router via SSH or Telnet, gaining root access. The password can be predicted by taking the last eight digits of the router's MAC address and converting them to lowercase.

Remediation

There is no official fix for this vulnerability. Users are advised to replace the Victure RX1800 router with a more reputable brand.