CVE-2008-1160

ZyXEL ZyWALL 1050 has a hard-coded password for the Quagga and Zebra processes that is not changed when it is set by a user, which allows remote attackers to gain privileges.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:zyxel:zywall_1050_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:zywall_1050:-:*:*:*:*:*:*:*

History

21 Nov 2024, 00:43

Type Values Removed Values Added
References () http://packetstormsecurity.org/0803-exploits/ZyWALL.pdf - Broken Link () http://packetstormsecurity.org/0803-exploits/ZyWALL.pdf - Broken Link
References () http://secunia.com/advisories/29237 - Broken Link, Vendor Advisory () http://secunia.com/advisories/29237 - Broken Link, Vendor Advisory
References () http://www.secumania.org/exploits/remote/zyxel-zywall-quagga_zebra-%28default-pass%29-remote-root-vulnerability-2008032143791/ - Broken Link, URL Repurposed () http://www.secumania.org/exploits/remote/zyxel-zywall-quagga_zebra-%28default-pass%29-remote-root-vulnerability-2008032143791/ - Broken Link, URL Repurposed
References () http://www.securityfocus.com/bid/28184 - Broken Link, Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/28184 - Broken Link, Third Party Advisory, VDB Entry
References () http://www.vupen.com/english/advisories/2008/0990/references - Broken Link, Vendor Advisory () http://www.vupen.com/english/advisories/2008/0990/references - Broken Link, Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/41424 - Third Party Advisory, VDB Entry () https://exchange.xforce.ibmcloud.com/vulnerabilities/41424 - Third Party Advisory, VDB Entry
References () https://www.exploit-db.com/exploits/5289 - Third Party Advisory, VDB Entry () https://www.exploit-db.com/exploits/5289 - Third Party Advisory, VDB Entry

14 Feb 2024, 01:17

Type Values Removed Values Added
References () http://www.secumania.org/exploits/remote/zyxel-zywall-quagga_zebra-%28default-pass%29-remote-root-vulnerability-2008032143791/ - Broken Link () http://www.secumania.org/exploits/remote/zyxel-zywall-quagga_zebra-%28default-pass%29-remote-root-vulnerability-2008032143791/ - Broken Link, URL Repurposed

13 Feb 2024, 16:46

Type Values Removed Values Added
CWE NVD-CWE-Other CWE-798
CPE cpe:2.3:a:zyxel:zywall:1050:*:*:*:*:*:*:* cpe:2.3:h:zyxel:zywall_1050:-:*:*:*:*:*:*:*
cpe:2.3:o:zyxel:zywall_1050_firmware:-:*:*:*:*:*:*:*
CVSS v2 : 7.5
v3 : unknown
v2 : 7.5
v3 : 9.8
References () http://packetstormsecurity.org/0803-exploits/ZyWALL.pdf - () http://packetstormsecurity.org/0803-exploits/ZyWALL.pdf - Broken Link
References () http://secunia.com/advisories/29237 - Vendor Advisory () http://secunia.com/advisories/29237 - Broken Link, Vendor Advisory
References () http://www.secumania.org/exploits/remote/zyxel-zywall-quagga_zebra-%28default-pass%29-remote-root-vulnerability-2008032143791/ - () http://www.secumania.org/exploits/remote/zyxel-zywall-quagga_zebra-%28default-pass%29-remote-root-vulnerability-2008032143791/ - Broken Link
References () http://www.securityfocus.com/bid/28184 - () http://www.securityfocus.com/bid/28184 - Broken Link, Third Party Advisory, VDB Entry
References () http://www.vupen.com/english/advisories/2008/0990/references - Vendor Advisory () http://www.vupen.com/english/advisories/2008/0990/references - Broken Link, Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/41424 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/41424 - Third Party Advisory, VDB Entry
References () https://www.exploit-db.com/exploits/5289 - () https://www.exploit-db.com/exploits/5289 - Third Party Advisory, VDB Entry
First Time Zyxel zywall 1050
Zyxel zywall 1050 Firmware

Information

Published : 2008-03-25 00:44

Updated : 2024-11-21 00:43


NVD link : CVE-2008-1160

Mitre link : CVE-2008-1160

CVE.ORG link : CVE-2008-1160


JSON object : View

Products Affected

zyxel

  • zywall_1050
  • zywall_1050_firmware
CWE
CWE-798

Use of Hard-coded Credentials