Vulnerabilities > CVE-2015-6016 - Credentials Management vulnerability in Zyxel Nbg-418N, Pmg5318-B20A Firmware and Zynos Firmware
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40(AXH.0), PMG5318-B20A devices with firmware 1.00AANC0b5, and NBG-418N devices have a default password of 1234 for the admin account, which allows remote attackers to obtain administrative access via unspecified vectors.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Hardware | 2 | |
OS | 2 |
Common Weakness Enumeration (CWE)
Msbulletin
bulletin_id | MS16-079 |
bulletin_url | |
date | 2016-06-14T00:00:00 |
impact | Elevation of Privilege |
knowledgebase_id | 3160339 |
knowledgebase_url | |
severity | Important |
title | Security Update for Microsoft Exchange Server |
References
- http://www.securitytracker.com/id/1034552
- http://www.securitytracker.com/id/1034552
- http://www.securitytracker.com/id/1034553
- http://www.securitytracker.com/id/1034553
- http://www.securitytracker.com/id/1034554
- http://www.securitytracker.com/id/1034554
- https://www.kb.cert.org/vuls/id/870744
- https://www.kb.cert.org/vuls/id/870744
- https://www.kb.cert.org/vuls/id/BLUU-9ZQU2R
- https://www.kb.cert.org/vuls/id/BLUU-9ZQU2R