CVE-2017-18373
published 2019-05-02CVE-2017-18373: The Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 router distributed by TrueOnline has three user accounts with default passwords, including two hardcoded…
PriorityP358high8.8CVSS 3.0
AVNACLPRLUINSUCHIHAH
EPSS
5.38%
91.7th percentile
The Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 router distributed by TrueOnline has three user accounts with default passwords, including two hardcoded service accounts: one with the username true and password true, and another with the username user3 and and a long password consisting of a repetition of the string 0123456789. These accounts can be used to login to the web interface, exploit authenticated command injections, and change router settings for malicious purposes.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| billion | 5200w-t_firmware | — | — |
| zyxel | p660hn-t1a_v1_firmware | — | — |
| zyxel | p660hn-t1a_v2_firmware | — | — |
CVSS provenance
nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.09.0CRITICALAV:N/AC:L/Au:S/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-v454-6xf3-j8mh: The Billion 5200W-T TCLinux Fw $7
ghsa_unreviewed·2022-05-24·CVSS 8.8
CVE-2017-18372 [HIGH] CWE-78 GHSA-v454-6xf3-j8mh: The Billion 5200W-T TCLinux Fw $7
The Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 router distributed by TrueOnline has a command injection vulnerability in the Time Setting function, which is only accessible by an authenticated user. The vulnerability is in the tools_time.asp page and can be exploited through the uiViewSNTPServer parameter. Authentication can be achieved by exploiting CVE-2017-18373.
GHSA
GHSA-46x2-283h-j6m2: The Billion 5200W-T TCLinux Fw $7
ghsa_unreviewed·2022-05-24
CVE-2017-18373 [HIGH] CWE-798 GHSA-46x2-283h-j6m2: The Billion 5200W-T TCLinux Fw $7
The Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 router distributed by TrueOnline has three user accounts with default passwords, including two hardcoded service accounts: one with the username true and password true, and another with the username user3 and and a long password consisting of a repetition of the string 0123456789. These accounts can be used to login to the web interface, exploit authenticated command injections, and change router settings for malicious purposes.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://raw.githubusercontent.com/pedrib/PoC/master/advisories/zyxel_trueonline.txthttps://seclists.org/fulldisclosure/2017/Jan/40https://ssd-disclosure.com/index.php/archives/2910https://raw.githubusercontent.com/pedrib/PoC/master/advisories/zyxel_trueonline.txthttps://seclists.org/fulldisclosure/2017/Jan/40https://ssd-disclosure.com/index.php/archives/2910
2019-05-02
Published