CVE-2008-1527

CWE-3103 documents3 sources
Severity
7.5HIGH
EPSS
0.6%
top 31.56%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Zyxel Prestige 660Zyxel Prestige 661Zyxel Zynos
Timeline
PublishedMar 26
Latest updateMay 1

Description

ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(PE9) and 3.40(AGD.2) through 3.40(AHQ.3), support authentication over HTTP via a hash string in the hiddenPassword field, which allows remote attackers to obtain access via a replay attack.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

NVDzyxel/prestige_660h-d1, h-d3+1
NVDzyxel/zynos3.40

🔴Vulnerability Details

2
GHSA
GHSA-rqr6-f773-2wgq: ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 32022-05-01
CVEList
CVE-2008-1527: ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 32008-03-26
CVE-2008-1527 (HIGH CVSS 7.5) | ZyXEL Prestige routers | cvebase.io