Cross-site Request Forgery Vulnerabilities in ZyXEL Router Products
CVE-2008-1254

Currently unrated

Key Information:

Vendor: Zyxel
Status: P-660hw
Vendor: CVE Published:; 10 March 2008

Summary

The ZyXEL P-660HW series routers are susceptible to multiple Cross-Site Request Forgery (CSRF) vulnerabilities that could allow remote attackers to exploit the device. These vulnerabilities enable unauthorized changes to DNS server settings as well as the capability to modify the banned keyword list through unspecified vectors. As a result, attackers could redirect legitimate users to malicious sites or disrupt network integrity, emphasizing the need for robust security measures.

References

http://www.securityfocus.com/archive/1/489009/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.gnucitizen.org/projects/router-hacking-challenge/

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/41111

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Mar 10, 2008
Vulnerability Reserved
Mar 10, 2008