CVE-2025-0890
published 2025-02-04CVE-2025-0890: **UNSUPPORTED WHEN ASSIGNED** Insecure default credentials for the Telnet function in the legacy DSL CPE Zyxel VMG4325-B10A firmware version…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
**UNSUPPORTED WHEN ASSIGNED**
Insecure default credentials for the Telnet function in the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_20170615 could allow an attacker to log in to the management interface if the administrators have the option to change the default credentials but fail to do so.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| zyxel | vmg4325-b10a_firmware | <= 1.00(AAFR.4)C0_20170615 | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vulncheck9.8CRITICAL