var-202012-0977
Vulnerability from variot
Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server or web interface with admin privileges. Zyxel USG A device contains a vulnerability in the plaintext storage of important information.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202012-0977",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "usg60w",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg310",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "zywall110",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "atp800",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "atp100",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg flex 200",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg flex 100",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg210",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg20w-vpn",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg2200",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg110",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "vpn50",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg1100",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "atp700",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg60",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "atp500",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg flex 700",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg40w",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "atp200",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "vpn100",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg flex 500",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg40",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "atp100w",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "zywall1100",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "zywall310",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg flex 100w",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "vpn1000",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg1900",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg20-vpn",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "vpn300",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": "4.60"
},
{
"model": "usg210",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg110",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg60",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg40w",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg310",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg40",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg20w-vpn",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg1100",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg20-vpn",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "usg60w",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014757"
},
{
"db": "NVD",
"id": "CVE-2020-29583"
}
]
},
"cve": "CVE-2020-29583",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2020-29583",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-29583",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2020-29583",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-29583",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2020-29583",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202012-1459",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2020-29583",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-29583"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014757"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1459"
},
{
"db": "NVD",
"id": "CVE-2020-29583"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server or web interface with admin privileges. Zyxel USG A device contains a vulnerability in the plaintext storage of important information.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-29583"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014757"
},
{
"db": "VULMON",
"id": "CVE-2020-29583"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-29583",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014757",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1459",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2020-29583",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-29583"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014757"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1459"
},
{
"db": "NVD",
"id": "CVE-2020-29583"
}
]
},
"id": "VAR-202012-0977",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3888889
},
"last_update_date": "2024-11-23T22:25:13.966000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security\u00a0Advisories",
"trust": 0.8,
"url": "http://ftp.zyxel.com/USG40/firmware/USG40_4.60(AALA.1)C0_2.pdf"
},
{
"title": "Zyxel USG Series Fixes for encryption problem vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=137990"
},
{
"title": "BruteX-master\nBruteX\nInstall script for BruteX\n\nVARS\nBruteX by @xer0dayz\nhttp://xerosecurity.com\n\nABOUT:\nBruteX is a simple bash script used to brute force all services on a target.\n\nINSTALL:\n./install.sh\n\nUSAGE:\nbrutex \u003cIP/hostname\u003e \n\nHYDRA SERVICES:\nasterisk cisco cisco-enable cvs ftp ftps http[s]-{head|get} http[s]-{get|post}-form http-proxy http-proxy-urlenum icq imap[s] irc ldap2[s] ldap3[-{cram|digest}md5][s] mssql mysql(v4) nntp oracle-listener oracle-sid pcanywhere pcnfs pop3[s] postgres rdp redis rexec rlogin rsh rtsp s7-300 sip smb smtp[s] smtp-enum snmp socks5 ssh sshkey teamspeak telnet[s] vmauthd vnc xmpp\nUN-COMMENT TO ENABLE PROXY",
"trust": 0.1,
"url": "https://github.com/MartinDojcinoski23/BruteX-master "
},
{
"title": "Scanner for Zyxel products which are vulnerable due to an undocumented user account (CVE-2020-29583)\nUsage",
"trust": 0.1,
"url": "https://github.com/2d4d/scan_CVE-2020-29583 "
},
{
"title": "Middleware-Vulnerability-detection\n\u514d\u8d23\u58f0\u660e\uff1a",
"trust": 0.1,
"url": "https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection "
},
{
"title": "Middleware-Vulnerability-detection\n\u514d\u8d23\u58f0\u660e\uff1a",
"trust": 0.1,
"url": "https://github.com/apachecn-archive/Middleware-Vulnerability-detection "
},
{
"title": "Awesome-POC",
"trust": 0.1,
"url": "https://github.com/ArrestX/--POC "
},
{
"title": "Normal-POC",
"trust": 0.1,
"url": "https://github.com/Miraitowa70/POC-Notes "
},
{
"title": "Vulnerability",
"trust": 0.1,
"url": "https://github.com/tzwlhack/Vulnerability "
},
{
"title": "Normal-POC",
"trust": 0.1,
"url": "https://github.com/Miraitowa70/Pentest-Notes "
},
{
"title": "Awesome-POC",
"trust": 0.1,
"url": "https://github.com/Threekiii/Awesome-POC "
},
{
"title": "Awesome-POC",
"trust": 0.1,
"url": "https://github.com/KayCHENvip/vulnerability-poc "
},
{
"title": "\u6b22\u8fce\u5173\u6ce8\u963f\u5c14\u6cd5\u5b9e\u9a8c\u5ba4\u5fae\u4fe1\u516c\u4f17\u53f7",
"trust": 0.1,
"url": "https://github.com/alphaSeclab/sec-daily-2020 "
},
{
"title": "SecBooks\nSecBooks\u76ee\u5f55",
"trust": 0.1,
"url": "https://github.com/SexyBeast233/SecBooks "
},
{
"title": "Known Exploited Vulnerabilities Detector",
"trust": 0.1,
"url": "https://github.com/Ostorlab/KEV "
},
{
"title": "PoC in GitHub",
"trust": 0.1,
"url": "https://github.com/developer3000S/PoC-in-GitHub "
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/cybercriminals-exploits-zyxel-flaw/162789/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-29583"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014757"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1459"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-522",
"trust": 1.0
},
{
"problemtype": "Plaintext storage of important information (CWE-312) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014757"
},
{
"db": "NVD",
"id": "CVE-2020-29583"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.zyxel.com/support/security_advisories.shtml"
},
{
"trust": 1.7,
"url": "https://businessforum.zyxel.com/discussion/5254/whats-new-for-zld4-60-patch-1-available-on-dec-15"
},
{
"trust": 1.7,
"url": "https://businessforum.zyxel.com/discussion/5252/zld-v4-60-revoke-and-wk48-firmware-release"
},
{
"trust": 1.7,
"url": "https://www.eyecontrol.nl/blog/undocumented-user-account-in-zyxel-products.html"
},
{
"trust": 1.7,
"url": "https://www.zyxel.com/support/cve-2020-29583.shtml"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-29583"
},
{
"trust": 1.1,
"url": "https://www.secpod.com/blog/a-secret-zyxel-firewall-and-ap-controllers-could-allow-for-administrative-access-cve-2020-29583/"
},
{
"trust": 1.1,
"url": "http://ftp.zyxel.com/usg40/firmware/usg40_4.60%28aala.1%29c0_2.pdf"
},
{
"trust": 0.6,
"url": "http://ftp.zyxel.com/usg40/firmware/usg40_4.60(aala.1)c0_2.pdf"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/522.html"
},
{
"trust": 0.1,
"url": "https://github.com/martindojcinoski23/brutex-master"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-29583"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014757"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1459"
},
{
"db": "NVD",
"id": "CVE-2020-29583"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2020-29583"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014757"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1459"
},
{
"db": "NVD",
"id": "CVE-2020-29583"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-12-22T00:00:00",
"db": "VULMON",
"id": "CVE-2020-29583"
},
{
"date": "2021-08-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-014757"
},
{
"date": "2020-12-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202012-1459"
},
{
"date": "2020-12-22T22:15:14.443000",
"db": "NVD",
"id": "CVE-2020-29583"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2020-29583"
},
{
"date": "2021-08-30T08:31:00",
"db": "JVNDB",
"id": "JVNDB-2020-014757"
},
{
"date": "2022-07-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202012-1459"
},
{
"date": "2024-11-21T05:24:15.697000",
"db": "NVD",
"id": "CVE-2020-29583"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202012-1459"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Zyxel\u00a0USG\u00a0 Vulnerability in plaintext storage of important information on devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014757"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202012-1459"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.