ogianatiempo
commented
2 years ago Hi, Thanks for your contribution. You are right, we made a mistake! v4 firmware is vulnerable, but v2 and v1 are not. If you like, you can submit a PR correcting the readme so your contribution gets acknowledged. Otherwise, let me know and I'll correct it.
munchkindev
Hello,
I've used the attached tools for analysing the newest firmware images and it seems that v1 and v2 are ARM based, so probably not vulnerable, because it doesn't use the CPU from Realtek (need confirmation on this claim though). On the readme.md it states that v2 is vulnerable only, which appears to be false.
But the v4 firmware image appears to be MIPS big endian based and vulnerable to the exploit provided.
I would appreciate if you could further test this and if my observations are true change the vulnerable devices list.