Design/Logic Flaw

2021-11-2322:15:00

PRIOn knowledge base

www.prio-n.com

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

A vulnerability in specific versions of Zyxel NBG6818, NBG7815, WSQ20, WSQ50, WSQ60, and WSR30 firmware with pre-configured password management could allow an attacker to obtain root access of the device, if the local attacker dismantles the device and uses a USB-to-UART cable to connect the device, or if the remote assistance feature had been enabled by an authenticated user.

CPENameOperatorVersion
nbg6818_firmwareeq< 1.0absc.5c0
nbg7815_firmwareeq< 1.0absk.7c0
wsq20_firmwareeq< 1.0abof.11c0
wsq50_firmwareeq< 2.20abkj.7c0
wsq60_firmwareeq< 2.20abnd.8c0
wsr30_firmwareeq< 1.0abmy.12c0

Name	Operator	Version
nbg6818_firmware	eq	< 1.0absc.5c0
nbg7815_firmware	eq	< 1.0absk.7c0
wsq20_firmware	eq	< 1.0abof.11c0
wsq50_firmware	eq	< 2.20abkj.7c0
wsq60_firmware	eq	< 2.20abnd.8c0
wsr30_firmware	eq	< 1.0abmy.12c0