Authentication Bypass Vulnerability in ZyXEL P-660HW Series Router
CVE-2008-1255

Currently unrated

Key Information:

Vendor: Zyxel
Status: P-660hw
Vendor: CVE Published:; 10 March 2008

Summary

The ZyXEL P-660HW series router is susceptible to an authentication bypass vulnerability that allows attackers to exploit the router's IP address-based session management. By impersonating a previously authenticated user’s IP address, an attacker can gain unauthorized access to the router. This flaw highlights the importance of robust session management and the risks associated with IP-based authentication in network devices. Users are advised to implement all available security updates and consider additional protective measures.

References

http://www.securityfocus.com/archive/1/489009/100/0/threaded

mailing-listx_refsource_BUGTRAQ

https://exchange.xforce.ibmcloud.com/vulnerabilities/41114

vdb-entryx_refsource_XF

http://www.gnucitizen.org/projects/router-hacking-challenge/

x_refsource_MISC

Timeline

Vulnerability published
Mar 10, 2008
Vulnerability Reserved
Mar 10, 2008