Unauthenticated RCE in Motorola's MR2600 Router
MrBruh
78 points
25 comments
July 12, 2026
Related Discussions
Found 5 related stories in 651.2ms across 14,015 title embeddings via pgvector HNSW
- Motorola effectively bricked its entire line of WiFi routers without explanation thisislife2 · 107 pts · June 06, 2026 · 55% similar
- Pre-Authentication RCE in WordPress Core patrikg · 18 pts · July 17, 2026 · 54% similar
- Tenda firmware (multiple versions) contains hidden authentication backdoor miniBill · 121 pts · July 08, 2026 · 53% similar
- CVE-2026-42511 Breakdown: RCE in FreeBSD mmsc · 14 pts · May 07, 2026 · 51% similar
- Remote Firmware Injection in Popular Solar Inverters mrlnstk · 13 pts · March 04, 2026 · 50% similar
Discussion Highlights (4 comments)
VladVladikoff
>42 hosts with remote management >vender doesn’t want to fix it Sometimes I wonder if the white hat hackers who find such a thing should just take it a step further and patch those hosts. Take the firmware, fix those bugs and update those 42 routers.
yukIttEft
In Germany we have "Störerhaftung" where routerowners are responsible for everything that happens through their router. I wonder how this would hold up in court, couldn't you argue that routers are generally buggy, how can they force any responsibility if they can easily be hacked?
bri3d
Vendor wise, these were never really made by a “Motorola” -this is a Zoom router (thus the domain) that used the Motorola name under license. The “old” Motorola router division Motorola Home got sold to Arris _without_ the brand name in 2013, and then the brand name went to Zoom in 2016. Zoom merged with another vendor called Minim, went bankrupt in 2023, and the assets were bought by a company called e2Companies in 2024. So e2Companies is who the author should email, but good luck. I’m shocked these were even “maintained” until 2024.
4llan
Really curious the use of the "zoom.com" domain. However, since the endpoint uses insecure HTTP, maybe this should be a simple endpoint/hostname redirection. A search of "router/firmware/query.aspx" leads me to D-Link endpoints who also uses the "wrpd" subdomain.