安全研究人员在摩托罗拉(Motorola)MR2600 Wi-Fi 5 路由器中发现了一个严重的未认证远程代码执行(RCE)漏洞 [1]。该缺陷源于固件上传与验证过程中的认证逻辑错误,使得攻击者能够绕过身份验证机制并刷入恶意固件 [1]。
受影响设备为已停产的摩托罗拉 MR2600 路由器,其最后发布的固件版本 v1.0.22 于 2024 年中推出 [1]。利用该漏洞的条件包括:局域网内的任意用户均可触发攻击;若设备上启用了远程管理功能,则可从互联网发起远程攻击 [1]。目前监测显示,至少有 41 台此类路由器开启了远程管理并暴露在互联网上 [1]。
针对此安全问题,摩托罗拉移动与摩托罗拉解决方案两家公司互相推诿责任 [1]。鉴于设备已停产且厂商拒绝承担责任,研究人员决定公开披露该漏洞的具体细节 [1]。相关安全公告于 2026 年 7 月 13 日通过博客文章正式发布 [1]。
A security researcher has disclosed a critical unauthenticated remote code execution (RCE) vulnerability found in the firmware of Motorola MR2600 routers [1]. The flaw stems from an authentication logic defect during the firmware upload and verification process, which allows attackers to bypass identity checks and flash malicious firmware onto affected devices [1]. This specific router model supports Wi-Fi 5 standards and received its final firmware update, version v1.0.22, in mid-2024 before being marked as end-of-life (EOL) by the manufacturer [1].
The vulnerability can be triggered by any user within a local area network; if remote management is enabled on the device, it can also be exploited remotely from the internet [1]. Scans using Shodan indicate that at least 41 MR2600 routers are currently configured with remote management active and exposed to the public internet [1]. Following the discovery of this issue, Motorola Mobility and Motorola Solutions engaged in a dispute over responsibility for addressing the flaw while acknowledging the device's discontinued status [1]. Consequently, the researcher decided to publicly reveal these details via an official blog post on July 13, 2026 [1].