The zero-day was first noticed in December 2015 but demonstrated by Yunusov yesterday at the Nullcon conference in Goa. Yunusov proceeded to reveal flaws in eight 3G and 4G modems. A query on the Internet of Things vulnerability testing search engine, Shodan allowed him to find more than 42,000 vulnerable devices exposed on the web. Yunusov said that he could find as many as 2800 Gemtek modems and routers and 1250 from Quanta and ZTE with the unpatched flaw. “All the modem models investigated had critical vulnerabilities leading to complete system compromise,” Yunusov told The Register. “Virtually all the vulnerabilities could be exploited remotely. “Not all the modems had vulnerabilities in their factory settings; some of them appeared after the firmware was customised by the service provider,” he added. Yunusov also added that all the devices he tested, lacked cross-site request forgery protection that combined with a lack of filters meant 60 percent were exposed to remote code execution.
