Weak Password Enforcement in ZyXEL Prestige Routers
CVE-2008-1529

Currently unrated

Key Information:

Vendor: Zyxel
Status: Zynos; Prestige 661; Prestige 660
Vendor: CVE Published:; 26 March 2008

Summary

ZyXEL Prestige routers implement a minimum password length for the admin account that is insufficient, enabling remote attackers to exploit this weakness through brute force methods. This vulnerability can lead to unauthorized access and manipulation of router settings, thereby compromising network security. Users are encouraged to enforce stronger password policies and firmware updates to mitigate the risk.

References

http://www.securityfocus.com/archive/1/489009/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.gnucitizen.org/projects/router-hacking-challenge/

x_refsource_MISC

http://www.procheckup.com/Hacking_ZyXEL_Gateways.pdf

x_refsource_MISC

Timeline

Vulnerability published
Mar 26, 2008
Vulnerability Reserved
Mar 25, 2008