CVE-2019-15799
First published: Thu Nov 14 2019(Updated: )
An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. User accounts created through the web interface of the device, when given non-admin level privileges, have the same level of privileged access as administrators when connecting to the device via SSH (while their permissions via the web interface are in fact restricted). This allows normal users to obtain the administrative password by running the tech-support command via the CLI: this contains the encrypted passwords for all users on the device. As these passwords are encrypted using well-known and static parameters, they can be decrypted and the original passwords (including the administrator password) can be obtained.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zyxel GS1900-8 firmware | <2.50\(aahh.0\)c0 | |
| Zyxel GS1900-8 | ||
| Zyxel Gs1900-8hp Firmware | <2.50\(aahi.0\)c0 | |
| Zyxel Gs1900-8hp | ||
| Zyxel GS1900-10HP firmware | <2.50\(aazi.0\)c0 | |
| Zyxel GS1900-10HP | ||
| Zyxel Gs1900-16 Firmware | <2.50\(aahj.0\)c0 | |
| Zyxel Gs1900-16 | ||
| Zyxel Gs1900-24e Firmware | <2.50\(aahk.0\)c0 | |
| Zyxel GS1900-24E | ||
| Zyxel Gs1900-24 Firmware | <2.50\(aahl.0\)c0 | |
| Zyxel GS1900-24 | ||
| Zyxel Gs1900-24hp Firmware | <2.50\(aahm.0\)c0 | |
| Zyxel Gs1900-24hp | ||
| Zyxel Gs1900-48 Firmware | <2.50\(aahn.0\)c0 | |
| Zyxel GS1900-48 | ||
| Zyxel Gs1900-48hp Firmware | <2.50\(aaho.0\)c0 | |
| Zyxel Gs1900-48hp |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2019-15799.
What is the severity of CVE-2019-15799?
CVE-2019-15799 has a severity rating of 8.8 (critical).
Which Zyxel devices are affected by CVE-2019-15799?
Zyxel GS1900 devices with firmware versions before 2.50(AAHH.0)C0 are affected.
What is the impact of CVE-2019-15799?
CVE-2019-15799 allows user accounts with non-admin level privileges to have the same privileged access as administrators when connecting to the device via SSH.
How can I fix CVE-2019-15799?
To fix CVE-2019-15799, it is recommended to update the firmware of the affected Zyxel GS1900 devices to version 2.50(AAHH.0)C0 or later.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/author
- agent/severity
- agent/tags
- agent/references
- agent/first-publish-date
- agent/description
- agent/event
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/zyxel
- canonical/zyxel gs1900-8 firmware
- canonical/zyxel gs1900-8
- canonical/zyxel gs1900-8hp firmware
- canonical/zyxel gs1900-8hp
- canonical/zyxel gs1900-10hp firmware
- canonical/zyxel gs1900-10hp
- canonical/zyxel gs1900-16 firmware
- canonical/zyxel gs1900-16
- canonical/zyxel gs1900-24e firmware
- canonical/zyxel gs1900-24e
- canonical/zyxel gs1900-24 firmware
- canonical/zyxel gs1900-24
- canonical/zyxel gs1900-24hp firmware
- canonical/zyxel gs1900-24hp
- canonical/zyxel gs1900-48 firmware
- canonical/zyxel gs1900-48
- canonical/zyxel gs1900-48hp firmware
- canonical/zyxel gs1900-48hp