Vulnerabilities > CVE-2008-1525 - Configuration vulnerability in Zyxel Prestige 660, Prestige 661 and Zynos

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

zyxel

CWE-16

NVD

Published: 2008-03-26

Updated: 2018-10-11

Summary

The default SNMP configuration on ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40(AGD.2) through 3.40(AHQ.3), has a Trusted Host value of 0.0.0.0, which allows remote attackers to send SNMP requests from any source IP address.

Vulnerable Configurations

Part	Description	Count
Hardware	Zyxel Zyxel Prestige 660 H-D1 Zyxel Prestige 660 H-D3 Zyxel Prestige 661 Hw-D1 Zyxel Zynos 3.40	9

Common Weakness Enumeration (CWE)

CWE-16 - Configuration

References

http://www.gnucitizen.org/projects/router-hacking-challenge/
http://www.procheckup.com/Hacking_ZyXEL_Gateways.pdf
http://www.securityfocus.com/archive/1/489009/100/0/threaded