ZBT WE2001 routers contain a critical path traversal vulnerability that allows unauthenticated remote attackers to gain full administrative access by manipulating session cookies.

A path traversal vulnerability exists in the check_token function. By supplying a specially crafted session cookie value, a remote, unauthenticated attacker can bypass the authentication logic and perform administrative actions on the device.

With a CVSS score of 10.0, this is a maximum-severity vulnerability. An attacker can gain total control over the router, allowing them to redirect traffic, intercept data, or use the device as a pivot point for further network attacks. This represents a complete compromise of the device's security.

Immediate Action: Update the ZBT WE2001 firmware to the latest version immediately to patch the check_token function.

Proactive Monitoring: Check device logs for unusual administrative logins or session cookies containing directory traversal patterns (e.g., ../).

Compensating Controls: Disable remote management features and ensure the management interface is only accessible from a trusted local network.

Public Exploit Available: No

The severity of this flaw cannot be overstated. IT administrators must apply the firmware update immediately. Devices that cannot be updated should be removed from the network to prevent a total compromise of the network perimeter.