CVE-2026-10045
Shenzhen Kangda Xin Intelligent Network Technology · DR300 Router
The Shenzhen Kangda Xin DR300 router contains hardcoded credentials and has Telnet enabled by default, allowing for full device compromise.
Executive summary
The Shenzhen Kangda Xin DR300 router is vulnerable to full device takeover due to hardcoded credentials and insecure default Telnet configurations.
Vulnerability
This vulnerability combines hardcoded login credentials with a Telnet service that is enabled by default on both the WAN and LAN interfaces. Together, these allow an unauthenticated attacker to gain remote access, read and write memory, modify firmware, and monitor network traffic.
Business impact
With a CVSS score of 9.8, this device is effectively wide open to any attacker with network reach. Compromise of a router allows for persistent backdoor installation, interception of internal traffic, and use of the device as a pivot point for further attacks on the internal network, posing a critical risk to any environment where this device is deployed.
Remediation
Immediate Action: Update the firmware to the latest available version; if no update is available, immediately disable Telnet and replace the device.
Proactive Monitoring: Scan for unauthorized Telnet connections and monitor for anomalous traffic patterns emanating from the router.
Compensating Controls: Place the router behind a robust firewall and ensure the WAN interface is not reachable from the public internet.
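One way to implement the monitoring step, as an added example that is not part of the original advisory or any vendor tooling: it reads netfilter-style LOG lines from a firewall placed in front of the router and flags Telnet (TCP/23) sessions to or from the device. The router addresses, the admin allowlist and the sample log lines are assumptions constructed for illustration.

```python
import ipaddress
import re

# Assumed addressing for illustration; replace with your own values.
ROUTER_IFACES = {
    ipaddress.ip_address("192.168.1.1"): "LAN",
    ipaddress.ip_address("203.0.113.10"): "WAN",
}
# Hosts still permitted to reach Telnet (leave empty once Telnet is disabled).
ADMIN_NETS = [ipaddress.ip_network("192.168.1.50/32")]
TELNET_PORT = "23"
KV = re.compile(r"(\w+)=(\S*)")  # KEY=value tokens of a netfilter LOG line

def classify(line):
    """Return a finding for Telnet traffic to or from the router, else None."""
    f = dict(KV.findall(line))
    if f.get("PROTO") != "TCP" or f.get("DPT") != TELNET_PORT:
        return None
    try:
        src = ipaddress.ip_address(f["SRC"])
        dst = ipaddress.ip_address(f["DST"])
    except (KeyError, ValueError):
        return None  # truncated or malformed record
    if dst in ROUTER_IFACES:
        if any(src in net for net in ADMIN_NETS):
            return None  # authorized management host
        return f"telnet to router {ROUTER_IFACES[dst]} interface from {src}"
    if src in ROUTER_IFACES:
        # The router opening Telnet sessions itself is anomalous outbound traffic.
        return f"telnet from router to {dst}"
    return None

def scan(lines):
    """Classify every line and keep only the findings."""
    return [hit for hit in map(classify, lines) if hit]

# Constructed sample log lines (documentation address ranges, not real traffic).
SAMPLE_LOG = [
    "kernel: FW IN=eth1 OUT= SRC=198.51.100.7 DST=203.0.113.10 PROTO=TCP SPT=40122 DPT=23 SYN",
    "kernel: FW IN=eth0 OUT= SRC=192.168.1.50 DST=192.168.1.1 PROTO=TCP SPT=51000 DPT=23 SYN",
    "kernel: FW IN=eth0 OUT= SRC=192.168.1.77 DST=192.168.1.1 PROTO=TCP SPT=51001 DPT=23 SYN",
    "kernel: FW IN=eth0 OUT=eth1 SRC=192.168.1.1 DST=198.51.100.99 PROTO=TCP SPT=33000 DPT=23 SYN",
    "kernel: FW IN=eth0 OUT=eth1 SRC=192.168.1.77 DST=198.51.100.20 PROTO=TCP SPT=51002 DPT=443 SYN",
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Any finding on the WAN interface means the compensating control is not in effect and the device should be treated as exposed.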
Exploitation status
Public Exploit Available: No
Analyst recommendation
Due to the nature of the vulnerabilities (hardcoded credentials and insecure services), this router is fundamentally insecure in its default state. Organizations should prioritize decommissioning these devices or ensuring they are entirely isolated from public-facing networks until a secure configuration or patch is applied.