First published: Wed Mar 26 2008(Updated: )
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(AGD.2) through 3.40(AHQ.3), allow remote authenticated users to obtain authentication data by making direct HTTP requests and then reading the HTML source, as demonstrated by a request for (1) RemMagSNMP.html, which discloses SNMP communities; or (2) WLAN.html, which discloses WEP keys.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Zyxel Zynos | =3.40-ahq.0 | |
Zyxel Zynos | =3.40-agl.3 | |
Zyxel Zynos | =3.40-ahq.3 | |
Zyxel Zynos | =3.40-ahz.0 | |
Zyxel Prestige 661 | =hw-d1 | |
Zyxel Prestige 660 | =h-d3 | |
Zyxel Zynos | =3.40-atm.0 | |
Zyxel Prestige 660 | =h-d1 | |
Zyxel Zynos | =3.40-agd.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.