Back to search
CVE-2008-1524
Published: Mar 26, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
The SNMP service on ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40(AGD.2) through 3.40(AHQ.3), has "public" as its default community for both (1) read and (2) write operations, which allows remote attackers to perform administrative actions via SNMP, as demonstrated by reading the Dynamic DNS service password or inserting an XSS sequence into the system.sysName.0 variable, which is displayed on the System Status page.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20080301 The Router Hacking Challenge is Over!
mailing-list
x_refsource_BUGTRAQ
http://www.gnucitizen.org/projects/router-hacking-challenge/
x_refsource_MISC
http://www.procheckup.com/Hacking_ZyXEL_Gateways.pdf
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now