
Major security hole in Zoom X3 modem/router
Tuesday 06 July 2004 16:06:00 by John Hunt

A major security hole has been found in the Zoom X3 ADSL modem/router which will leave all users open to a Denial of Service attack if it is not addressed. Various ports on the device are left open on the WAN (Internet) side of the router by default. The two most obvious ports that can cause problems are Telnet (port 23) and HTTP (port 80), which give access to the configuration menu and the web interface respectively. Although these are password protected, you may be vulnerable to attack if someone can guess your password.

Further, ports 254 and 255 are also wide open. While these ports are not normally used for anything specific, in this case port 254 is another telnet-style menu. It is protected with the default password used for the web interface and, worse, it is not possible to change this password. This menu allows the device to be factory reset, thus totally disabling Internet access.

Zoom has given a workaround for this issue until a proper fix can be provided. The advice is to create dummy "Virtual Servers" on each of the ports that are open on the external interface (23, 80, 254, 255), such that any connections to them will be redirected to an IP address that doesn't exist. If you are unsure how to do this, please consult the documentation of the device or contact Zoom before changing the settings.

The Zoom X3 uses a Conexant chipset, so it is likely that other devices using the same chipset may be vulnerable to the same problem. We advise users to check their devices for similar problems. Thanks to Adam Laurie of A.L. Digital for the latest update.
