Vulnerability Details CVE-2017-18373
The Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 router distributed by TrueOnline has three user accounts with default passwords, including two hardcoded service accounts: one with the username true and password true, and another with the username user3 and and a long password consisting of a repetition of the string 0123456789. These accounts can be used to login to the web interface, exploit authenticated command injections, and change router settings for malicious purposes.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.126
EPSS Ranking 93.6%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 9.0
References
- https://raw.githubusercontent.com/pedrib/PoC/master/advisories/zyxel_trueonline.txt
- https://seclists.org/fulldisclosure/2017/Jan/40
- https://ssd-disclosure.com/index.php/archives/2910
- https://raw.githubusercontent.com/pedrib/PoC/master/advisories/zyxel_trueonline.txt
- https://seclists.org/fulldisclosure/2017/Jan/40
- https://ssd-disclosure.com/index.php/archives/2910
Products affected by CVE-2017-18373
-
cpe:2.3:h:billion:5200w-t:-
-
cpe:2.3:o:billion:5200w-t_firmware:7.3.8.0