Vulnerability Details : CVE-2017-18374
The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40(ULM.0)b31 router distributed by TrueOnline has two user accounts with default passwords, including a hardcoded service account with the username true and password true. These accounts can be used to log in to the web interface, exploit authenticated command injections and change router settings for malicious purposes.
Products affected by CVE-2017-18374
- cpe:2.3:o:zyxel:p660hn-t1a_v2_firmware:7.3.15.0:*:*:*:*:*:*:*
- cpe:2.3:o:zyxel:p660hn-t1a_v1_firmware:7.3.15.0:*:*:*:*:*:*:*
- cpe:2.3:o:billion:5200w-t_firmware:7.3.8.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-18374
- EPSS score: 1.58% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~88% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2017-18374
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
| 9.0 | HIGH | AV:N/AC:L/Au:S/C:C/I:C/A:C | 8.0 | 10.0 | NIST | |
| 8.8 | HIGH | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 | NIST | |
CWE ids for CVE-2017-18374
- The product contains hard-coded credentials, such as a password or cryptographic key. (Assigned by: nvd@nist.gov, Primary)
References for CVE-2017-18374
- https://seclists.org/fulldisclosure/2017/Jan/40 : Full Disclosure: Multiple RCE in ZyXEL / Billion / TrueOnline routers (Mailing List; Exploit; Third Party Advisory)
- https://ssd-disclosure.com/index.php/archives/2910 : SSD Advisory - ZyXEL / Billion Multiple Vulnerabilities - SSD Secure Disclosure (Exploit; Technical Description; Third Party Advisory)
- https://unit42.paloaltonetworks.com/new-mirai-variant-targets-enterprise-wireless-presentation-display-systems/ : New Mirai Variant Targets Enterprise Wireless Presentation & Display Systems (Technical Description; Third Party Advisory)
- http://www.zyxel.com/support/announcement_unauthenticated.shtml : 404 Error | Zyxel (Broken Link)
- https://raw.githubusercontent.com/pedrib/PoC/master/advisories/zyxel_trueonline.txt (Exploit; Third Party Advisory)