Vulnerability Details CVE-2017-18374
The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40(ULM.0)b31 router distributed by TrueOnline has two user accounts with default passwords, including a hardcoded service account with the username true and password true. These accounts can be used to login to the web interface, exploit authenticated command injections and change router settings for malicious purposes.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.073
EPSS Ranking 91.2%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 9.0
References
- http://www.zyxel.com/support/announcement_unauthenticated.shtml
- https://raw.githubusercontent.com/pedrib/PoC/master/advisories/zyxel_trueonline.txt
- https://seclists.org/fulldisclosure/2017/Jan/40
- https://ssd-disclosure.com/index.php/archives/2910
- https://unit42.paloaltonetworks.com/new-mirai-variant-targets-enterprise-wireless-presentation-display-systems/
- http://www.zyxel.com/support/announcement_unauthenticated.shtml
- https://raw.githubusercontent.com/pedrib/PoC/master/advisories/zyxel_trueonline.txt
- https://seclists.org/fulldisclosure/2017/Jan/40
- https://ssd-disclosure.com/index.php/archives/2910
- https://unit42.paloaltonetworks.com/new-mirai-variant-targets-enterprise-wireless-presentation-display-systems/
Products affected by CVE-2017-18374
-
cpe:2.3:h:billion:5200w-t:-
-
cpe:2.3:h:zyxel:p660hn-t1a_v1:-
-
cpe:2.3:h:zyxel:p660hn-t1a_v2:-
-
cpe:2.3:o:billion:5200w-t_firmware:7.3.8.0
-
cpe:2.3:o:zyxel:p660hn-t1a_v1_firmware:7.3.15.0
-
cpe:2.3:o:zyxel:p660hn-t1a_v2_firmware:7.3.15.0