First published: Wed Mar 26 2008(Updated: )
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(AGD.2) through 3.40(AHQ.3), allow remote authenticated users to obtain ISP and Dynamic DNS credentials by sending a direct request for (1) WAN.html, (2) wzPPPOE.html, and (3) rpDyDNS.html, and then reading the HTML source.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Zyxel Zynos | =3.40-ahq.0 | |
Zyxel Zynos | =3.40-agl.3 | |
Zyxel Zynos | =3.40-ahq.3 | |
Zyxel Zynos | =3.40-ahz.0 | |
Zyxel Prestige 661 | =hw-d1 | |
Zyxel Prestige 660 | =h-d3 | |
Zyxel Zynos | =3.40-atm.0 | |
Zyxel Prestige 660 | =h-d1 | |
Zyxel Zynos | =3.40-agd.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.