Telus WiFi Hub and Verizon G3100 owners beware! CVE-2021-20090

Science, Engineering, & Tech Security
1

20092 seems pretty simple to do with LAN access, Telnet access in 20091 is the higher risk one as anyone can Telnet into the device after injecting a configuration change.

And Telus here in Canada is pushing for people to use this router over the superior Actiontec T3200M. People report the Arcadyan firmware on the Telus includes a lot of engrish, like “the 60 seconds wait for wifi synchronization” or “Unknow error”

2

Bonus: Here’s a teardown of the Telus WiFi Hub so you can find the JTAG/UART port:

[Album] telus arcadyan boost wifi fibre hub modem

Accompanying Medium article from Tenable:

https://medium.com/tenable-techblog/bypassing-authentication-on-arcadyan-routers-with-cve-2021-20090-and-rooting-some-buffalo-ea1dd30980c2

3

BleepingComputer Article:

Juniper Threat Labs Article:

https://blogs.juniper.net/en-us/security/freshly-disclosed-vulnerability-cve-2021-20090-exploited-in-the-wild