From Sven@21:1/5 to All on Fri Mar 19 18:07:15 2021
2021/03/19 16:50:20 GMT
Description: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE version 2.0.1 allows unauthenticated attackers to visit the unprotected /goform/LoadDefaultSettings endpoint
and reset the device to its factory default settings. Once the GET request is made, the
device will reboot with its default settings allowing the attacker to bypass authentication and take full control of the system.