Vulnerability in Zyxel GS1900 Devices Allowing Unauthorized Access
CVE-2019-15803

9.1CRITICAL

Key Information:

Vendor

Zyxel
Status
Gs1900-8 Firmware
Vendor
CVE Published:
14 November 2019

What is CVE-2019-15803?

A security flaw in Zyxel GS1900 devices allows unauthorized users to access a hidden diagnostics shell through a sequence of keypresses. This vulnerability arises from inadequate access control checks, leading to potential exposure of sensitive configuration parameters and arbitrary register modifications related to network interface chips. Attackers exploiting this issue can gain significant control over the device, posing severe risks to the network’s integrity and security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://jasper.la/exploring-zyxel-gs1900-firmware-with-gh...
x_refsource_MISC
https://www.zyxel.com/support/gs1900-switch-vulnerabiliti...
x_refsource_CONFIRM

CVSS V3.1

Score:
9.1
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.