Описание
The rpWLANRedirect.asp ASP page is accessible without authentication on ZyXEL P-660HN-T1 V2 (2.00(AAKK.3)) devices. After accessing the page, the admin user's password can be obtained by viewing the HTML source code, and the interface of the modem can be accessed as admin.
Ссылки
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:zyxel:p-660hn-t1_firmware:2.00\(aakk.3\):*:*:*:*:*:*:*
cpe:2.3:h:zyxel:p-660hn-t1:2:*:*:*:*:*:*:*
EPSS
Процентиль: 62%
0.00436
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-798
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
The rpWLANRedirect.asp ASP page is accessible without authentication on ZyXEL P-660HN-T1 V2 (2.00(AAKK.3)) devices. After accessing the page, the admin user's password can be obtained by viewing the HTML source code, and the interface of the modem can be accessed as admin.
EPSS
Процентиль: 62%
0.00436
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-798