Undocumented Functionality in Zyxel GS1900 Devices Due to CLI Signal Flaw
CVE-2019-15804
7.5 HIGH
Summary
Zyxel GS1900 devices running firmware prior to 2.50(AAHH.0)C0 allow unauthorized access to a hidden menu when a SIGQUIT signal is sent to the Command Line Interface (CLI). The menu is intended to be restricted and includes options for password recovery for specific users. The access check for this menu is not effectively enforced, particularly when the menu is accessed via a serial console, which raises a significant risk of unauthorized operations and device manipulation.
CVSS V3.1
Score: 7.5
Severity: HIGH
Confidentiality: None
Integrity: High
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved