ID

VAR-200301-0039


TITLE

ZyXEL DSL Modem Default Remote Administrator Password Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2003-0259

DESCRIPTION

ZyXEL DSL Modem is a broadband modem device developed and maintained by ZyXEL. The ZyXEL DSL Modem management interface has a pre-configured account that allows remote attackers to obtain sensitive information on the device. The ZyXEL DSL Modem has a default username and password: the user name is "root" and the password is "1234". With these credentials it is possible to log in to the modem's built-in FTP server and download data files containing sensitive information, such as spt.dat. The file contains the following information:

- 0x20 The root password in clear text
- 0x40 SNMP Location
- 0x60 Device name
- 0x80 SNMP Sys Contact
- 0xac SNMP read community
- 0xcc SNMP read community
- 0xec SNMP read community
- 0x188 SUA Server IP address
- 0x1c54 First PPPoE Account config name (Default: ChangeMe)
- 0x1dde First PPPoE Username
- 0x1dfe First PPPoE Password
- 0x21dc Second PPPoE Account config name

An attacker can use this information to make changes and reconfigure the device. This default account information may also be present in other ZyXEL DSL Series Modems. It has been reported that the administration interface on some ZyXEL devices, including the 642 and 645 series, is remotely accessible and pre-set with a default username and password. It is important to note that other ZyXEL devices may share this default account.

Trust: 0.81

sources: CNVD: CNVD-2003-0259 // BID: 6671

IOT TAXONOMY

category: ['Network device'], sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2003-0259

AFFECTED PRODUCTS

vendor: prestige, model: zyxel 642r, scope: -, version: -

Trust: 0.6

vendor: prestige, model: zyxel 642me, scope: -, version: -

Trust: 0.6

vendor: prestige, model: zyxel 642m-i, scope: -, version: -

Trust: 0.6

vendor: prestige, model: zyxel 642m, scope: -, version: -

Trust: 0.6

vendor: prestige, model: zyxel, scope: eq, version: 642

Trust: 0.6

vendor: zyxel, model: prestige, scope: eq, version: 645

Trust: 0.3

vendor: zyxel, model: prestige 642r-i, scope: -, version: -

Trust: 0.3

vendor: zyxel, model: prestige 642r, scope: -, version: -

Trust: 0.3

vendor: zyxel, model: prestige 642me, scope: -, version: -

Trust: 0.3

vendor: zyxel, model: prestige 642m-i, scope: -, version: -

Trust: 0.3

vendor: zyxel, model: prestige 642m, scope: -, version: -

Trust: 0.3

vendor: zyxel, model: prestige, scope: eq, version: 642

Trust: 0.3

sources: CNVD: CNVD-2003-0259 // BID: 6671

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2003-0259
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2003-0259
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2003-0259

THREAT TYPE

network

Trust: 0.3

sources: BID: 6671

TYPE

Configuration Error

Trust: 0.3

sources: BID: 6671

PATCH

title: ZyXEL DSL Modem default remote administrator password vulnerability patch
url: https://www.cnvd.org.cn/patchinfo/show/36241

Trust: 0.6

sources: CNVD: CNVD-2003-0259

EXTERNAL IDS

db: BID, id: 6671

Trust: 0.9

db: CNVD, id: CNVD-2003-0259

Trust: 0.6

sources: CNVD: CNVD-2003-0259 // BID: 6671

REFERENCES

url:http://marc.theaimsgroup.com/?l=bugtraq&m=104335372103573&w=2

Trust: 0.6

url:http://www.phenoelit.de/dpl/dpl.html

Trust: 0.3

url:/archive/1/308112

Trust: 0.3

sources: CNVD: CNVD-2003-0259 // BID: 6671

CREDITS

Discovered by http-equiv <http-equiv@malware.com>.

Trust: 0.3

sources: BID: 6671

SOURCES

db: CNVD, id: CNVD-2003-0259
db: BID, id: 6671

LAST UPDATE DATE

2022-05-17T01:50:39.722000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2003-0259, date: 2003-01-23T00:00:00
db: BID, id: 6671, date: 2003-01-23T00:00:00

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2003-0259, date: 2003-01-23T00:00:00
db: BID, id: 6671, date: 2003-01-23T00:00:00