go to Content

TWCERT/CC Taiwan Computer Emergency Response Team/Coordination Center



Realtek ADSL/PON Modem SoC - Security Misconfiguration

TVN ID TVN-202003002
Public Date 2020-06-08
Affected Products Realtek ADSL/PON Modem SoC
Description A security misconfiguration vulnerability exists in the SDK of some Realtek ADSL/PON Modem SoC firmware, which allows attackers using a default password to execute arbitrary commands remotely via the build-in network monitoring tool.
CVE ID CVE-2020-12773
Solution Contact Realtek Semi. Corp. for mitigation
Credit Youfu Zhang of Chaitin Security Research Lab