Vulners
Lucene search
ZyXEL P-660HN-T1 V2 Missing Authentication / Password Disclosure Vulnerabilities
| Reporter | Title | Published | Views | Family All 7 |
|---|---|---|---|---|
 | CVE-2019-6725 | 31 May 201921:27 | – | cve |
 | CVE-2019-6725 | 31 May 201921:27 | – | cvelist |
 | EUVD-2019-16283 | 7 Oct 202500:30 | – | euvd |
 | CVE-2019-6725 | 31 May 201922:29 | – | nvd |
 | CVE-2019-6725 | 31 May 201922:29 | – | osv |
 | ZyXEL P-660HN-T1 V2 Missing Authentication / Password Disclosure | 31 May 201900:00 | – | packetstorm |
 | Design/Logic Flaw | 31 May 201922:29 | – | prion |
Description:
The rpWLANRedirect.asp ASP page is accessible without authentication
on ZyXEL P-660HN-T1 V2 (2.00(AAKK.3)) devices. After accessing the
page, the admin user's password can be obtained by viewing the HTML
source code, and the interface of the modem can be accessed as admin.
Solution:
The manufacturer has released the hotfix via dropbox for the current
vulnerability.
https://www.dropbox.com/s/2o8tl9o91mza4em/200AAKK3D0_20190130.zip?dl=0
CVE-2019-6725
# 0day.today [2019-06-03] #Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
03 Jun 2019 00:00Current
0.3Low risk
Vulners AI Score0.3
EPSS0.00436