CVE-2019-15799Improper Privilege Management in Zyxel Gs1900-10hp Firmware

CWE-269Improper Privilege Management3 documents3 sources
Severity
8.8HIGHNVD
EPSS
0.4%
top 40.65%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
9
Zyxel Gs1900-10hp FirmwareZyxel Gs1900-16 FirmwareZyxel Gs1900-24 Firmware+6 more
Timeline
PublishedNov 14
Latest updateMay 24

Description

An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. User accounts created through the web interface of the device, when given non-admin level privileges, have the same level of privileged access as administrators when connecting to the device via SSH (while their permissions via the web interface are in fact restricted). This allows normal users to obtain the administrative password by running the tech-support command via the CLI: this contains the encrypted pass

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages9 packages

NVDzyxel/gs1900-8_firmware< 2.50\(aahh.0\)c0
NVDzyxel/gs1900-16_firmware< 2.50\(aahj.0\)c0
NVDzyxel/gs1900-24_firmware< 2.50\(aahl.0\)c0
NVDzyxel/gs1900-48_firmware< 2.50\(aahn.0\)c0
NVDzyxel/gs1900-24e_firmware< 2.50\(aahk.0\)c0

🔴Vulnerability Details

2
GHSA
GHSA-fvpf-4m7h-jg3p: An issue was discovered on Zyxel GS1900 devices with firmware before 22022-05-24
CVEList
CVE-2019-15799: An issue was discovered on Zyxel GS1900 devices with firmware before 22019-11-14
CVE-2019-15799 — Improper Privilege Management in Zyxel | cvebase