6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
7 High
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
73.1%
Zyxel P2000W Version 1 VOIP WIFI Phone Wj.00.10 uses hardcoded IP addresses for its DNS servers, which could allow remote attackers to cause a denial of service or hijack Zyxel phones by attacking or spoofing the hardcoded DNS servers. NOTE: it could be argued that this issue reflects an inherent limitation of DNS itself, so perhaps it should not be included in CVE.
CPE | Name | Operator | Version |
---|---|---|---|
zyxel:prestige_2000w_v.1voip_wi-fi_phone | zyxel prestige 2000w v.1voip wi-fi phone | eq | wj.00.10 |