3 matches found
CVE-2019-15802
An issue was discovered on Zyxel GS1900 devices with firmware before 2.50AAHH.0C0. The firmware hashes and encrypts passwords using a hardcoded cryptographic key in salutilstrencrypt in libsal.so.0.0. The parameters salt, IV, and key data are used to encrypt and decrypt all passwords using AES256...
CVE-2019-15802
Affected product: Zyxel GS1900 switches. Vulnerability: firmware before 2.50(AAHH.0)C0 uses a hardcoded cryptographic key in libsal.so.0.0 to encrypt passwords via AES-256 CBC; the salt, IV, and key data are used to encrypt/decrypt all passwords, including those in config backups embedded in the ...
CVE-2019-15802
An issue was discovered on Zyxel GS1900 devices with firmware before 2.50AAHH.0C0. The firmware hashes and encrypts passwords using a hardcoded cryptographic key in salutilstrencrypt in libsal.so.0.0. The parameters salt, IV, and key data are used to encrypt and decrypt all passwords using AES256...