Multiple vulnerabilities were found by security researchers in 4G routers manufactured by several companies. The flaws exposed users to information leaks and command execution attacks. ZTE, Netgear and TP-LINK routers also found to be vulnerable, with at least four of them also having been assigned CVEs. All the flaws were reported to vendors who fixed most of the discovered issues before the Pen Test Partners report was published but, unfortunately, the disclosure process didn’t go as smooth as expected. The vendor that stood out in the eyes of the researchers was ZTE who brushed off the vulnerabilities identified as they affected end-of-life products.
Source: https://www.bleepingcomputer.com/news/security/4g-router-vulnerabilities-let-attackers-take-full-control/