CVE Vulnerabilities

CVE-2008-1527

Published: Mar 26, 2008 | Modified: Oct 11, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(PE9) and 3.40(AGD.2) through 3.40(AHQ.3), support authentication over HTTP via a hash string in the hiddenPassword field, which allows remote attackers to obtain access via a replay attack.

Affected Software

Name Vendor Start Version End Version
Prestige_660 Zyxel h-d1 h-d1
Prestige_660 Zyxel h-d3 h-d3
Prestige_661 Zyxel hw-d1 hw-d1
Zynos Zyxel 3.40 3.40
Zynos Zyxel 3.40 3.40
Zynos Zyxel 3.40 3.40
Zynos Zyxel 3.40 3.40
Zynos Zyxel 3.40 3.40
Zynos Zyxel 3.40 3.40

References