Back to CVE Browser

CVE-2017-18371

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.1330%

EPSS Percentile5.80th

PublishedMay 2, 2019

Last ModifiedNov 21, 2024

Vulnerability Description

The ZyXEL P660HN-T1A v2 TCLinux Fw #7.3.37.6 router distributed by TrueOnline has three user accounts with default passwords, including two hardcoded service accounts: one with the username true and password true, and another with the username supervisor and password zyad1234. These accounts can be used to login to the web interface, exploit authenticated command injections, and change router settings for malicious purposes.

Affected Platforms (CPE)

💻

Billion

5200w T Firmware

= 7.3.8.0

💻

Zyxel

P660hn T1a V2 Firmware

= 7.3.37.6

💻

Zyxel

P660hn T1a V1 Firmware

= 7.3.37.6

References & Advisories

🔗 http://www.zyxel.com/support/announcement_unauthenticated.shtml

🔗 https://raw.githubusercontent.com/pedrib/PoC/master/advisories/zyxel_trueonline.txt

🔗 https://seclists.org/fulldisclosure/2017/Jan/40

🔗 https://ssd-disclosure.com/index.php/archives/2910

🔗 https://unit42.paloaltonetworks.com/new-mirai-variant-targets-enterprise-wireless-presentation-display-systems/

🔗 http://www.zyxel.com/support/announcement_unauthenticated.shtml

🔗 https://raw.githubusercontent.com/pedrib/PoC/master/advisories/zyxel_trueonline.txt

🔗 https://seclists.org/fulldisclosure/2017/Jan/40

Related Vulnerabilities

CVE-2017-379110.0

A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication ...

CVE-2017-514510.0

An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11_U05, and VMU-C PV prior to firmware Version A17. S...

CVE-2017-332410.0

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcompone...

CVE-2017-278510.0

An exploitable buffer overflow exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially cra...