Zte F680 Exploit -

A common theme in ISP router security is the presence of "hidden" service accounts. The ZTE F680 has been scrutinized for running services that allow higher-level access than the web interface provides.

Several Common Vulnerabilities and Exposures (CVEs) have been assigned to the ZTE F680 firmware. The most critical ones revolve around authentication bypass and command injection.

Run this from inside your network:

# Scan for open telnet/backdoor ports
nmap -p 23,9999,8888 <router_IP>
Many ZTE F680 models allow you to download a configuration backup via the admin panel. In unpatched versions, this backup is not encrypted.
Attack step:


netstat -an | grep ESTABLISHED

Look for Zte521 logins in the system log (Administration > Logs). If you see them and didn’t log in yourself – you are pwned.