Zyxel Prestige vulnerabilities

CVE-2005-0328 [MEDIUM] CVE-2005-0328: Zyxel P310, P314, P324 and Netgear RT311, RT314 running the latest firmware, allows remote attackers Zyxel P310, P314, P324 and Netgear RT311, RT314 running the latest firmware, allows remote attackers on the WAN to obtain the IP address of the LAN side interface by pinging a valid LAN IP address, which generates an ARP reply from the WAN address side that maps the LAN IP address to the WAN's MAC address.

CVE-2004-1540 [MEDIUM] CVE-2004-1540: ZyXEL Prestige 623, 650, and 652 HW Routers, and possibly other versions, with HTTP Remote Administr ZyXEL Prestige 623, 650, and 652 HW Routers, and possibly other versions, with HTTP Remote Administration enabled, does not require a password to access rpFWUpload.html, which allows remote attackers to reset the router configuration file.

CVE-2004-1684 [MEDIUM] CVE-2004-1684: Zyxel P681 running ZyNOS Vt020225a contains portions of memory in an ARP request, which allows remot Zyxel P681 running ZyNOS Vt020225a contains portions of memory in an ARP request, which allows remote attackers to obtain sensitive information by sniffing the network.

CVE-2004-0670 [MEDIUM] CVE-2004-0670: Prestige 650HW-31 running Rompager 4.7 software allows remote attackers to cause a denial of service Prestige 650HW-31 running Rompager 4.7 software allows remote attackers to cause a denial of service (device reboot) via a long password.

CVE-2002-1071 [MEDIUM] CVE-2002-1071: ZyXEL Prestige 642R allows remote attackers to cause a denial of service in the Telnet, FTP, and DHC ZyXEL Prestige 642R allows remote attackers to cause a denial of service in the Telnet, FTP, and DHCP services (crash) via a TCP packet with both the SYN and ACK flags set.

CVE-2002-1072 [MEDIUM] CVE-2002-1072: ZyXEL Prestige 642R 2.50(FA.1) and Prestige 310 V3.25(M.01), allows remote attackers to cause a deni ZyXEL Prestige 642R 2.50(FA.1) and Prestige 310 V3.25(M.01), allows remote attackers to cause a denial of service via an oversized, fragmented "jolt" style ICMP packet.

CVE-2001-1135 [HIGH] CVE-2001-1135: ZyXEL Prestige 642R and 642R-I routers do not filter the routers' Telnet and FTP ports on the extern ZyXEL Prestige 642R and 642R-I routers do not filter the routers' Telnet and FTP ports on the external WAN interface from inside access, allowing someone on an internal computer to reconfigure the router, if the password is known.