Cisco Talos’ vulnerability research team disclosed multiple vulnerabilities in the ZTE MF971R wireless hotspot and router in October. Several months removed from that disclosure and ZTE’s patch, we decided to take an even closer look at two of these vulnerabilities — CVE-2021-21748 and CVE-2021-21745 — to show how they could be chained together by an attacker to completely take over a device.  

In our latest research paper, Marcin Noga, the researcher who discovered these vulnerabilities, walks through the process of how he discovered these vulnerabilities and shows the worst-case scenario for a user should an attacker choose to exploit these issues. You can read the full paper by clicking on the button to the right, and watch the video above to see a snippet of this attack vector.