CVE-2015-6019

4 documents, 4 sources
Severity
8.5 HIGH
EPSS
0.4%
top 42.36%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published: Dec 31
Latest update: May 17

Description

The management portal on ZyXEL PMG5318-B20A devices with firmware 1.00AANC0b5 does not terminate sessions upon a logout action, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N
Exploitability: 3.1 | Impact: 4.7

Affected Packages: 1 package

NVD: zyxel/pmg5318-b20a_firmware v100aanc0b5

Vulnerability Details

2
GHSA
GHSA-83xw-xrpp-p33r: The management portal on ZyXEL PMG5318-B20A devices with firmware 1 (2022-05-17)
CVEList
CVE-2015-6019: The management portal on ZyXEL PMG5318-B20A devices with firmware 1 (2015-12-31)

Exploits & PoCs

1
Exploit-DB
Kaseya Virtual System Administrator (VSA) - Multiple Vulnerabilities (2) (2015-09-29)
CVE-2015-6019 (HIGH CVSS 8.5) | The management portal on ZyXEL PMG5 | cvebase.io