Critical severity9.8NVD Advisory· Published May 16, 2017· Updated May 13, 2026

CVE-2016-10372

Description

The Eir D1000 modem does not properly restrict the TR-064 protocol, which allows remote attackers to execute arbitrary commands via TCP port 7547, as demonstrated by opening WAN access to TCP port 80, retrieving the login password (which defaults to the Wi-Fi password), and using the NewNTPServer feature.

Affected products

Eir/D1000 Modem Firmware
cpe:2.3:o:eir:d1000_modem_firmware:-:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

devicereversing.wordpress.com/2016/11/07/eirs-d1000-modem-is-wide-open-to-being-hacked/nvdExploitThird Party Advisory
isc.sans.edu/forums/diary/TR069+NewNTPServer+Exploits+What+we+know+so+far/21763/nvdExploitTechnical DescriptionThird Party Advisory
ghostbin.com/paste/q2vq2nvd

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.074
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000