Zong Device Exploit

Zong Router Exploit

Hello friends how are you i hope that you are all doing great and want to learn more so here is the Public Exploit for the Zong MBB devices Manufactured By FiberHome with this exploit we are able to get the routers Login Details just by connecting with the wifi of the device so lets get started.

Device Information FiberHome Zong MBB Internet Device

Device Hardware Version :=

Device Name (Product Type) :=
LM53SL Wireless Data Terminal

Software Version Number :=

The main issue over here is due to lack of authentication and other one is that the routers login details are being stored in plain text over CGI XML file which is access able by any one even if he is not logged into the router. Which is not a good practice this is a real important issue to fix the recommended fix to push quick firmware update to the device in which this you can do two thing to fix it

  • Don’t show the content of any CGI XML file over the client side.
  • Or require authentication by the user and then they may be able to view the files content.

The first option is most recommended.

here is the link the the XML file which store the login details.

output to this file :-

This XML file does not appear to have any style information associated with it. The document tree is shown below



And to automate this process we have created a Python Exploit for this.

Output Of the Exploit :-

 $ python zong-exploit.py

= ZONG Modem Authentication Exploiter =
[i] Using Default GATEWAY IP:

[+] We Have a Hit!

Username of Zong Device:

Password of Zong Device:

[+] We Have a Hit again!

Hardware Version of Zong Device:
Name of Zong Device:
Software Version of Zong Device:
IMEI of Zong Device!:
WiFi SSID of Zong Device:
MAC Address of Zong Device:
IP of Zong Device:
Gateway of Zong Device:
DNS 1 of Zong Device:
DNS 2 of Zong Device:

= Exploit Developed By : Jahanzaib Khan Durrani =
= Vulnerability Found By : Osama Mehmood =


Here is the code you can git it from GitHub.

GitHub Link : https://github.com/OsamaMahmood/Zong-router-exploit

Here is the Video showing how to use the exploit :-



Please enter your comment!
Please enter your name here