https://www.kr3bz.wtf/posts/sdmc-ne6037-router-recovery-backdoor/

During December 2025, I had to temporarily move to a different apartment due to renovations in my own. I spent most of the winter looking for potential targets to research and chose Windows Server Update Services (found a lame DoS, maybe I’ll post about it) as it was affected by some RCE vulnerabilities in 2025 and is a juicy target.

While I was preparing the lab environment, I noticed some Internet connectivity issues. I thought that it was the usual DHCP renewal every 24 hours enforced by the ISP, but then I realized that actually my wireless NIC was reconnecting to the router. OK, maybe some maintenance by the ISP? But the same dang thing started to happen more often, and I was getting irritated. So, how to fix this? Well, let’s pwn the device!

and

By promising to remove the backdoor and assign per-device passwords, SDMC implicitly admitted both that it exists and that every device currently ships with the same hardcoded root credentials, even on the latest firmware versions.

#internetOfShit

Recovering the rooter: SDMC NE6037 CVE-2026-24444

Exploiting SDMC NE6037 Router Recovery Backdoor to obtain root access

kr3bz
@cR0w Great stuff, but how did that fix the internet connectivity issues? Had the router already been pwn3d?
@davep Wait, you aren't one of those people who solve the initial problem you dug into, are you? There was a problem, then a detour, then something cool. The initial problem has been forgotten at that point. Or at least that's how my troubleshooting tends to go. 😹
@cR0w 🤣 Sorry! Troubleshooting for a software company was my job for years (100% technical success rate with some of the biggest companies in the world yada yada...) so I was naturally waiting for the big reveal.
@davep Real hotshot out here with your focus and follow through and success while I'm lucky I remember to put pants on before walking outside. 😆
@cR0w That was 20 years ago, to be fair...
@cR0w I'm in awe of hackers btw. I just got things to follow the rules (usually in grey areas between different roles' responsibilities), whereas you guys can go full-on blue woad-daubed crazy paths and get paid for it.
@davep Don't lump me in there. I may not always focus well, but I also don't hack well, especially anymore.
@cR0w We all lose that focus and drive as we get older. We'd probably go mad otherwise. But we make up for it by, err, I forget. My memory isn't what it was...