61 matches found
EUVD-2008-1522
Malware in sbrugna...
EUVD-2002-1061
Malware in sbrugna...
EUVD-2002-1060
Malware in sbrugna...
ZyXEL Prestige 681 SDSL Router IP Fragment Reassembly Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3711/info Prestige is a product line of DSL routers produced and distributed by Zyxel. When a Zyxel router receives fragmented packets that after reassembly is greater than 64 kilobytes in length, the router crashes. The...
ZyXEL 3 Prestige Router HTTP Remote Administration Configuration Reset Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11723/info ZyXEL Prestige router series is reported prone to an access validation vulnerability. The vulnerability exists because the firmware of the router fails to restrict access to a configuration page that is a part ...
Zyxel Prestige 660H-61 ADSL Router - RPSysAdmin.HTML Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19180/info The Zyxel Prestige 660H-61 ADSL Router is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script co...
Zyxel Prestige 642R Router Malformed IP Packet Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5292/info ZyXEL 642R and Prestige 310 routers have difficulties handling IP packets that are malformed. Reportedly, when ZyXEL routers receive a single specially malformed packet, they stop responding for exactly 30...
Zyxel Prestige 660H-61 ADSL Router - RPSysAdmin.HTML Cross-Site Scripting Vulnerability
Exploit for hardware platform in category web applications source: http://www.securityfocus.com/bid/19180/info The Zyxel Prestige 660H-61 ADSL Router is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to...
ZyXEL Prestige Default Password (deprecated)
Binary data 4912.prm...
CVE-2008-1526
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40PE9 and 3.40AGD.2 through 3.40AHQ.3, do not use a salt when calculating an MD5 password hash, which makes it easier for attackers to crack passwords...
CVE-2008-1524
The SNMP service on ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40AGD.2 through 3.40AHQ.3, has "public" as its default community for both 1 read and 2 write operations, which allows remote attackers to perform administrative actions via SNMP, as demonstrated by readin...
Default credentials
ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40AGD.2 through 3.40AHQ.3, have 1 "user" as their default password for the "user" account and 2 "1234" as their default password for the "admin" account, which makes it easier for remote attackers to obtain access...
Default configuration
The default SNMP configuration on ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40AGD.2 through 3.40AHQ.3, has a Trusted Host value of 0.0.0.0, which allows remote attackers to send SNMP requests from any source IP address...
Design/Logic Flaw
The SNMP service on ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40AGD.2 through 3.40AHQ.3, has "public" as its default community for both 1 read and 2 write operations, which allows remote attackers to perform administrative actions via SNMP, as demonstrated by readin...
CVE-2008-1523
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40AGD.2 through 3.40AHQ.3, allow remote authenticated users to obtain ISP and Dynamic DNS credentials by sending a direct request for 1 WAN.html, 2 wzPPPOE.html, and 3 rpDyDNS.html, and then reading the HTML source...
Design/Logic Flaw
ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40AGD.2 through 3.40AHQ.3, allow remote authenticated users to gain privileges by accessing administrative URIs, as demonstrated by rpSysAdmin.html...
CVE-2008-1527
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40PE9 and 3.40AGD.2 through 3.40AHQ.3, support authentication over HTTP via a hash string in the hiddenPassword field, which allows remote attackers to obtain access via a replay attack...
CVE-2008-1528
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40AGD.2 through 3.40AHQ.3, allow remote authenticated users to obtain authentication data by making direct HTTP requests and then reading the HTML source, as demonstrated by a request for 1 RemMagSNMP.html, which...
Authentication flaw
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40AGD.2 through 3.40AHQ.3, allow remote authenticated users to obtain authentication data by making direct HTTP requests and then reading the HTML source, as demonstrated by a request for 1 RemMagSNMP.html, which...
Design/Logic Flaw
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40AGD.2 through 3.40AHQ.3, allow remote authenticated users to obtain ISP and Dynamic DNS credentials by sending a direct request for 1 WAN.html, 2 wzPPPOE.html, and 3 rpDyDNS.html, and then reading the HTML source...