Lucene search
PRIOn knowledge basePRION:CVE-2017-18371HistoryMay 02, 2019 - 5:29 p.m.
Command injection
2019-05-0217:29:00
PRIOn knowledge base
www.prio-n.com
2
The ZyXEL P660HN-T1A v2 TCLinux Fw #7.3.37.6 router distributed by TrueOnline has three user accounts with default passwords, including two hardcoded service accounts: one with the username true and password true, and another with the username supervisor and password zyad1234. These accounts can be used to login to the web interface, exploit authenticated command injections, and change router settings for malicious purposes.
| CPE | Name | Operator | Version |
|---|---|---|---|
| 5200w-t_firmware | eq | 7.3.8.0 | |
| p660hn-t1a_v1_firmware | eq | 7.3.37.6 | |
| p660hn-t1a_v2_firmware | eq | 7.3.37.6 |
References
www.zyxel.com/support/announcement_unauthenticated.shtml
raw.githubusercontent.com/pedrib/PoC/master/advisories/zyxel_trueonline.txt
seclists.org/fulldisclosure/2017/Jan/40
ssd-disclosure.com/index.php/archives/2910
unit42.paloaltonetworks.com/new-mirai-variant-targets-enterprise-wireless-presentation-display-systems/
Related
cvelist
cvelist
CVE-2017-18371
2019-05-02 16:15:05
CVE-2017-18370
2019-05-02 16:14:52
nvd
nvd
CVE-2017-18371
2019-05-02 17:29:01
CVE-2017-18370
2019-05-02 17:29:00
cve
cve
CVE-2017-18371
2019-05-02 17:29:01
CVE-2017-18370
2019-05-02 17:29:00
attackerkb
attackerkb
CVE-2017-18370
2019-05-02 00:00:00
prion
prion
Command injection
2019-05-02 17:29:00