3 matches found
ZyXEL P-660HN-T1 V2 Missing Authentication / Password Disclosure Vulnerabilities
Exploit for hardware platform in category web applications Description: The rpWLANRedirect.asp ASP page is accessible without authentication on ZyXEL P-660HN-T1 V2 2.00AAKK.3 devices. After accessing the page, the admin user's password can be obtained by viewing the HTML source code, and the...
CVE-2019-6725
Summary (CVE-2019-6725): Affected device: ZyXEL P-660HN-T1 V2 with firmware 2.00(AAKK.3). The rpWLANRedirect.asp page is accessible without authentication, allowing an admin password to be read from the HTML source and enabling interface access as admin. This leads to complete control of the mode...
ZyXEL P-660HN-T1 V2 Missing Authentication / Password Disclosure
Description: The rpWLANRedirect.asp ASP page is accessible without authentication on ZyXEL P-660HN-T1 V2 2.00AAKK.3 devices. After accessing the page, the admin user's password can be obtained by viewing the HTML source code, and the interface of the modem can be accessed as admin. Solution: The...