Vulnerability Details CVE-2018-1164
This vulnerability allows remote attackers to cause a denial-of-service condition on vulnerable installations of ZyXEL P-870H-51 DSL Router 1.00(AWG.3)D5. Authentication is not required to exploit this vulnerability. The specific flaw exists within numerous exposed CGI endpoints. The vulnerability is caused by improper access controls that allow access to critical functions without authentication. An attacker can use this vulnerability to reboot affected devices, along with other actions. Was ZDI-CAN-4540.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.298
EPSS Ranking 96.4%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
Products affected by CVE-2018-1164
-
cpe:2.3:h:zyxel:p-870h-51:-
-
cpe:2.3:o:zyxel:p-870h-51_firmware:1.00(awg.3)d5