Lucene search

[email protected]CVE-2005-3724

HistoryNov 21, 2005 - 11:03 a.m.

CVE-2005-3724

2005-11-2111:03:00

CWE-200

[email protected]

web.nvd.nist.gov

zyxel

p2000w

voip

wifi

vulnerability

udp

port 9090

authentication

denial of service

remote attackers

sensitive information

7.5 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

0.016 Low

EPSS

Percentile

87.2%

JSON

Zyxel P2000W Version 1 VOIP WIFI Phone Wj.00.10 allows remote attackers to obtain sensitive information and possibly cause a denial of service via a direct connection to UDP port 9090, which is undocumented and does not require authentication.

CPENameOperatorVersion
zyxel:prestige_2000w_v.1voip_wi-fi_phonezyxel prestige 2000w v.1voip wi-fi phoneeqwj.00.10
zyxel:p2000w_version_1_voip_wifi_phonezyxel p2000w version 1 voip wifi phoneeqwj.00.10

CPE	Name	Operator	Version
zyxel:prestige_2000w_v.1voip_wi-fi_phone	zyxel prestige 2000w v.1voip wi-fi phone	eq	wj.00.10
zyxel:p2000w_version_1_voip_wifi_phone	zyxel p2000w version 1 voip wifi phone	eq	wj.00.10

References

marc.info/?l=full-disclosure&m=113217443126673&w=2

www.osvdb.org/21292

www.securityfocus.com/bid/15478

www.vupen.com/english/advisories/2005/2476

exchange.xforce.ibmcloud.com/vulnerabilities/23092

7.5 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

0.016 Low

EPSS

Percentile

87.2%

JSON