CVE-2008-1521

CWE-2644 documents4 sources
Severity
6.5MEDIUM
EPSS
0.4%
top 36.75%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Zyxel Prestige 660Zyxel Prestige 661Zyxel Zynos
Timeline
PublishedMar 26
Latest updateMay 1

Description

ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40(AGD.2) through 3.40(AHQ.3), allow remote authenticated users to gain privileges by accessing administrative URIs, as demonstrated by rpSysAdmin.html.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 8.0 | Impact: 6.4

Affected Packages3 packages

NVDzyxel/prestige_660h-d1, h-d3+1
NVDzyxel/zynos3.40

🔴Vulnerability Details

2
GHSA
GHSA-hwpq-rvwc-x473: ZyXEL Prestige routers, including P-660 and P-661 models with firmware 32022-05-01
CVEList
CVE-2008-1521: ZyXEL Prestige routers, including P-660 and P-661 models with firmware 32008-03-26

💥Exploits & PoCs

1
Exploit-DB
Dynamic photo Gallery 1.02 - 'albumID' SQL Injection2008-03-01
CVE-2008-1521 (MEDIUM CVSS 6.5) | ZyXEL Prestige routers | cvebase.io