61 matches found
EUVD-2002-1060
Malware in sbrugna...
EUVD-2002-1061
Malware in sbrugna...
EUVD-2008-1522
Malware in sbrugna...
ZyXEL 3 Prestige Router HTTP Remote Administration Configuration Reset Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11723/info ZyXEL Prestige router series is reported prone to an access validation vulnerability. The vulnerability exists because the firmware of the router fails to restrict access to a configuration page that is a part ...
Zyxel Prestige 660H-61 ADSL Router - RPSysAdmin.HTML Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19180/info The Zyxel Prestige 660H-61 ADSL Router is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script co...
ZyXEL Prestige 681 SDSL Router IP Fragment Reassembly Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3711/info Prestige is a product line of DSL routers produced and distributed by Zyxel. When a Zyxel router receives fragmented packets that after reassembly is greater than 64 kilobytes in length, the router crashes. The...
Zyxel Prestige 642R Router Malformed IP Packet Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5292/info ZyXEL 642R and Prestige 310 routers have difficulties handling IP packets that are malformed. Reportedly, when ZyXEL routers receive a single specially malformed packet, they stop responding for exactly 30...
Zyxel Prestige 660H-61 ADSL Router - RPSysAdmin.HTML Cross-Site Scripting Vulnerability
Exploit for hardware platform in category web applications source: http://www.securityfocus.com/bid/19180/info The Zyxel Prestige 660H-61 ADSL Router is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to...
ZyXEL Prestige Default Password (deprecated)
Binary data 4912.prm...
Default credentials
ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40AGD.2 through 3.40AHQ.3, have 1 "user" as their default password for the "user" account and 2 "1234" as their default password for the "admin" account, which makes it easier for remote attackers to obtain access...
CVE-2008-1522
ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40AGD.2 through 3.40AHQ.3, have 1 "user" as their default password for the "user" account and 2 "1234" as their default password for the "admin" account, which makes it easier for remote attackers to obtain access...
Default configuration
The default SNMP configuration on ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40AGD.2 through 3.40AHQ.3, has a Trusted Host value of 0.0.0.0, which allows remote attackers to send SNMP requests from any source IP address...
Design/Logic Flaw
The SNMP service on ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40AGD.2 through 3.40AHQ.3, has "public" as its default community for both 1 read and 2 write operations, which allows remote attackers to perform administrative actions via SNMP, as demonstrated by readin...
CVE-2008-1523
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40AGD.2 through 3.40AHQ.3, allow remote authenticated users to obtain ISP and Dynamic DNS credentials by sending a direct request for 1 WAN.html, 2 wzPPPOE.html, and 3 rpDyDNS.html, and then reading the HTML source...
CVE-2008-1526
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40PE9 and 3.40AGD.2 through 3.40AHQ.3, do not use a salt when calculating an MD5 password hash, which makes it easier for attackers to crack passwords...
CVE-2008-1524
The SNMP service on ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40AGD.2 through 3.40AHQ.3, has "public" as its default community for both 1 read and 2 write operations, which allows remote attackers to perform administrative actions via SNMP, as demonstrated by readin...
CVE-2008-1528
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40AGD.2 through 3.40AHQ.3, allow remote authenticated users to obtain authentication data by making direct HTTP requests and then reading the HTML source, as demonstrated by a request for 1 RemMagSNMP.html, which...
Design/Logic Flaw
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40AGD.2 through 3.40AHQ.3, allow remote authenticated users to obtain ISP and Dynamic DNS credentials by sending a direct request for 1 WAN.html, 2 wzPPPOE.html, and 3 rpDyDNS.html, and then reading the HTML source...
Authentication flaw
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40AGD.2 through 3.40AHQ.3, allow remote authenticated users to obtain authentication data by making direct HTTP requests and then reading the HTML source, as demonstrated by a request for 1 RemMagSNMP.html, which...
Design/Logic Flaw
ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40AGD.2 through 3.40AHQ.3, allow remote authenticated users to gain privileges by accessing administrative URIs, as demonstrated by rpSysAdmin.html...