ID CVE-2001-1135
Summary ZyXEL Prestige 642R and 642R-I routers do not filter the routers' Telnet and FTP ports on the external WAN interface from inside access, allowing someone on an internal computer to reconfigure the router, if the password is known.
References
Vulnerable Configurations
  • cpe:2.3:h:zyxel:prestige:642r:*:*:*:*:*:*:*
    cpe:2.3:h:zyxel:prestige:642r:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 19-12-2017 - 02:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 3346
bugtraq
  • 20010809 ZyXEL Prestige 642R: Exposed Admin Services on WAN with Default Password
  • 20010810 Re: ZyXEL Prestige 642R: Exposed Admin Services on WAN with Default Password
  • 20010814 Fwd: ZyXEL Prestige 642 Router Administration Interface Vulnerability
  • 20010918 SECURITY RISK: ZyXEL ADSL Router 642R - WAN filter bypass from internal network
xf prestige-wan-bypass-filter(7146)
Last major update 19-12-2017 - 02:29
Published 14-08-2001 - 04:00
Last modified 19-12-2017 - 02:29
Back to Top