CVE-2016-10372

Name of the Vulnerable Software and Affected Versions Eir D1000 modem (affected versions not specified)

Description The issue is related to the improper restriction of the TR-064 protocol, allowing remote attackers to execute arbitrary commands via TCP port 7547. This can be demonstrated by opening WAN access to TCP port 80, retrieving the login password, which defaults to the Wi-Fi password, and using the NewNTPServer feature.

Recommendations As a temporary workaround, consider restricting access to the TR-064 protocol and TCP port 7547 to minimize the risk of exploitation. Avoid using the default Wi-Fi password as the login password until the issue is resolved. Consider disabling the NewNTPServer feature until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.