CVE-2018-7359
Description
A heap-based buffer overflow in ZTE ZXHN F670 up to V1.1.10P3T18 allows remote attackers to execute arbitrary code.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
CVE-2018-7359 is a heap-based buffer overflow vulnerability in the ZTE ZXHN F670 product, affecting all versions up to V1.1.10P3T18 [1]. The vulnerability exists in an unspecified component of the device's firmware, and does not require authentication to be reached [1]. The official advisory also lists other affected ZTE CPE products such as ZXA10 F668 V1.0, ZXA10 F620 V2.0, ZXHN F660 V2.0/V2.1/V2.30.20/V2.3.1, and ZXV10 H108L V1.0 for related but separate vulnerabilities [1].
Exploitation
An attacker can exploit this vulnerability over a network without needing prior authentication, though the CVSS v3.0 vector indicates a high attack complexity (AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H) [1]. The attacker must send specially crafted packets or data to the vulnerable service to trigger the heap overflow. No user interaction is required, and the attack can be launched remotely [1].
Impact
Successful exploitation allows an unauthenticated remote attacker to execute arbitrary code on the affected device with elevated privileges [1]. The CVSS scope is changed, meaning the compromise can affect resources beyond the vulnerable component, potentially granting full control of the router [1].
Mitigation
ZTE has released firmware version V1.1.10P3T22 for the ZXHN F670 V1.0 to resolve this vulnerability; users should upgrade to this or a later version [1]. For the ZXHN F660 V2.3.1, the fix is version V2.3.1P2T5 [1]. Other affected products (e.g., ZXA10 F668 V1.0, ZXA10 F620 V2.0) were end-of-service at the time of the advisory, and ZTE recommends replacing them with supported models [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2
Patches
0. No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
[1] support.zte.com.cn/support/news/LoopholeInfoDetail.aspx (mitre, x_refsource_CONFIRM)