Thg3000 Router Firmware -

The THG3000 runs a stripped Linux. Telnet is disabled by default, but a known exploit exists for firmware ≤6.00.12:

What you can change:

Warning: These changes may revert after a reboot or remote ISP reset.

Several CVEs affect the THG3000’s older Linux kernel and services: thg3000 router firmware

| CVE | Component | Risk | |----------------|----------------|--------------------------------------------------------------| | CVE-2021-35247 | MiniUPnPd | Remote info disclosure (LAN side) | | CVE-2022-30023 | Telnet daemon | Weak credential storage (if enabled) | | CVE-2023-28856 | HTTPd (RomPager)| Pre-auth buffer overflow → RCE (patched in 6.00.12+) |

Mitigation: Disable UPnP, WAN-side access, and remote management unless absolutely needed.

The rc init binary is a good target.

$ file /bin/rc
ELF 32-bit LSB executable, ARM, dynamically linked
$ arm-linux-gnueabi-objdump -D rc | less

Look for strings referencing:

Use Ghidra with the ARMv7-A plugin for decompilation.

A: There is no single "official" page. THG3000 is an OEM product. Downloads are provided only through your internet provider’s customer portal. For example: