ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(PE9) and 3.40(AGD.2) through 3.40(AHQ.3), do not use a salt when calculating an MD5 password hash, which makes it easier for attackers to crack passwords.
References
Link | Resource |
---|---|
http://www.gnucitizen.org/projects/router-hacking-challenge/ | Broken Link |
http://www.procheckup.com/Hacking_ZyXEL_Gateways.pdf | Broken Link |
http://www.securityfocus.com/archive/1/489009/100/0/threaded | Broken Link Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
Configuration 12 (hide)
AND |
|
Configuration 13 (hide)
AND |
|
Configuration 14 (hide)
AND |
|
Configuration 15 (hide)
AND |
|
Configuration 16 (hide)
AND |
|
Configuration 17 (hide)
AND |
|
Configuration 18 (hide)
AND |
|
Configuration 19 (hide)
AND |
|
History
14 Feb 2024, 16:54
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.gnucitizen.org/projects/router-hacking-challenge/ - Broken Link | |
References | () http://www.procheckup.com/Hacking_ZyXEL_Gateways.pdf - Broken Link | |
References | () http://www.securityfocus.com/archive/1/489009/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry | |
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
CWE | CWE-916 | |
CPE | cpe:2.3:h:zyxel:prestige_661:hw-d1:*:*:*:*:*:*:* cpe:2.3:h:zyxel:prestige_660:h-d3:*:*:*:*:*:*:* cpe:2.3:h:zyxel:zynos:3.40:agd.2:*:*:*:*:*:* cpe:2.3:h:zyxel:zynos:3.40:ahq.3:*:*:*:*:*:* cpe:2.3:h:zyxel:zynos:3.40:agl.3:*:*:*:*:*:* cpe:2.3:h:zyxel:prestige_660:h-d1:*:*:*:*:*:*:* cpe:2.3:h:zyxel:zynos:3.40:ahz.0:*:*:*:*:*:* cpe:2.3:h:zyxel:zynos:3.40:atm.0:*:*:*:*:*:* |
cpe:2.3:o:zyxel:p-660h-d1_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-662hw-d_firmware:3.40\(pe9\):*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-662hw-d_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-660hn-51_firmware:3.40\(pe9\):*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-660h-d1_firmware:3.40\(pe9\):*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-660h-61_firmware:3.40\(pe9\):*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-660hw_d3_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-660hw_d3_firmware:3.40\(pe9\):*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-662hw-d3_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-660h-d3_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-660hw_t3_firmware:3.40\(pe9\):*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-660hn-51_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-663hn-51_firmware:3.40\(pe9\):*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-660hw_t3_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:zyxel:p-661h:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:p-660h-d1:-:*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-661hw-d1_firmware:3.40\(pe9\):*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-662hw-d3_firmware:3.40\(pe9\):*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-663hn-51_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-661h_firmware:3.40\(pe9\):*:*:*:*:*:*:* cpe:2.3:h:zyxel:p-662h-61:-:*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-662h-61_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:zyxel:p-660h-61:-:*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-661h_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:zyxel:p-660h-d3:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:p-661hnu-f3:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:p-660hn-51:-:*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-660h-d3_firmware:3.40\(pe9\):*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-660h-t1_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:zyxel:p-660h-67:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:p-660h-63:-:*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-660hw_d1_firmware:3.40\(pe9\):*:*:*:*:*:*:* cpe:2.3:h:zyxel:p-660hw_d3:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:p-660hw_d1:-:*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-661hnu-f3_firmware:3.40\(pe9\):*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-662hw-d1_firmware:3.40\(pe9\):*:*:*:*:*:*:* cpe:2.3:h:zyxel:p-662hw-d1:-:*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-662h-61_firmware:3.40\(pe9\):*:*:*:*:*:*:* cpe:2.3:h:zyxel:p-660h-t1:-:*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-662hw-d1_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:zyxel:p-661hw-d1:-:*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-661hnu-f3_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:zyxel:p-660hw_t3:-:*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-661hnu-f1_firmware:3.40\(pe9\):*:*:*:*:*:*:* cpe:2.3:h:zyxel:p-662hw-d3:-:*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-660h-63_firmware:3.40\(pe9\):*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-660h-63_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-660h-67_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:zyxel:p-663hn-51:-:*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-660h-67_firmware:3.40\(pe9\):*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-660h-61_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-661hw-d1_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-660hw_d1_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:zyxel:p-661hnu-f1:-:*:*:*:*:*:*:* cpe:2.3:h:zyxel:p-662hw-d:-:*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-660h-t1_firmware:3.40\(pe9\):*:*:*:*:*:*:* cpe:2.3:o:zyxel:p-661hnu-f1_firmware:*:*:*:*:*:*:*:* |
First Time |
Zyxel p-661hnu-f3 Firmware
Zyxel p-662hw-d3 Zyxel p-660hw D1 Zyxel p-660h-67 Zyxel p-661hnu-f1 Firmware Zyxel p-660h-t1 Firmware Zyxel p-661h Firmware Zyxel p-661h Zyxel p-661hw-d1 Zyxel p-662h-61 Zyxel p-660hw D1 Firmware Zyxel p-662hw-d1 Firmware Zyxel p-662hw-d1 Zyxel p-660h-67 Firmware Zyxel p-660h-61 Zyxel p-660hn-51 Firmware Zyxel p-661hnu-f1 Zyxel p-662hw-d Firmware Zyxel p-660h-d1 Firmware Zyxel p-661hw-d1 Firmware Zyxel p-660hw D3 Zyxel p-660hw D3 Firmware Zyxel p-662hw-d Zyxel p-660h-61 Firmware Zyxel p-660hn-51 Zyxel p-662h-61 Firmware Zyxel p-660h-t1 Zyxel p-663hn-51 Zyxel p-660hw T3 Zyxel p-663hn-51 Firmware Zyxel p-660hw T3 Firmware Zyxel p-660h-63 Firmware Zyxel p-660h-63 Zyxel p-660h-d3 Zyxel p-662hw-d3 Firmware Zyxel p-660h-d1 Zyxel p-660h-d3 Firmware Zyxel p-661hnu-f3 |
Information
Published : 2008-03-26 10:44
Updated : 2024-02-14 16:54
NVD link : CVE-2008-1526
Mitre link : CVE-2008-1526
CVE.ORG link : CVE-2008-1526
JSON object : View
Products Affected
zyxel
- p-662hw-d1
- p-660hw_t3_firmware
- p-661hnu-f1
- p-661hnu-f3_firmware
- p-661h_firmware
- p-662hw-d3_firmware
- p-662h-61_firmware
- p-660h-d3_firmware
- p-660h-61_firmware
- p-660h-d3
- p-662hw-d3
- p-660h-d1
- p-660hn-51_firmware
- p-661hw-d1
- p-663hn-51
- p-662hw-d
- p-661h
- p-660h-t1
- p-660h-t1_firmware
- p-661hw-d1_firmware
- p-661hnu-f1_firmware
- p-663hn-51_firmware
- p-660hw_t3
- p-660h-61
- p-660hw_d3_firmware
- p-660hn-51
- p-660hw_d1_firmware
- p-662h-61
- p-660hw_d3
- p-660h-67_firmware
- p-660h-63
- p-661hnu-f3
- p-660h-d1_firmware
- p-662hw-d_firmware
- p-660h-67
- p-660h-63_firmware
- p-662hw-d1_firmware
- p-660hw_d1
CWE
CWE-916
Use of Password Hash With Insufficient Computational Effort