CVE-2008-1525

CWE-163 documents3 sources

Severity

5.0MEDIUM

EPSS

0.3%

top 49.13%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Zyxel Prestige 660 Zyxel Prestige 661 Zyxel Zynos

Timeline

PublishedMar 26

Latest updateMay 1

Description

The default SNMP configuration on ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40(AGD.2) through 3.40(AHQ.3), has a Trusted Host value of 0.0.0.0, which allows remote attackers to send SNMP requests from any source IP address.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

▶NVDzyxel/prestige_660h-d1, h-d3+1

▶NVDzyxel/prestige_661hw-d1

▶NVDzyxel/zynos3.40

🔴Vulnerability Details

GHSA

GHSA-gfxr-7wxj-qhwm: The default SNMP configuration on ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3↗2022-05-01

▶

CVEList

CVE-2008-1525: The default SNMP configuration on ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3↗2008-03-26

▶