Remote Administration Vulnerability in ZyXEL Prestige Routers
CVE-2004-1540

Currently unrated

Key Information:

Vendor: Zyxel
Status: Prestige; Zynos
Vendor: CVE Published:; 31 December 2004

Summary

Certain ZyXEL Prestige HW Routers, such as models 623, 650, and 652, are prone to a vulnerability that allows unauthorized access to the router's remote administration feature. When HTTP Remote Administration is enabled, an attacker can interact with the 'rpFWUpload.html' page without authenticating, potentially allowing them to reset the router's configuration file. This issue poses a serious risk to network integrity and user data, as it can lead to unauthorized changes to router settings.

References

http://marc.info/?l=bugtraq&m=110116413414615&w=2

mailing-listx_refsource_BUGTRAQ

http://www.osvdb.org/12108

vdb-entryx_refsource_OSVDB

http://www.securityfocus.com/bid/11723

vdb-entryx_refsource_BID

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Feb 18, 2005
Vulnerability published
Dec 31, 2004