CVE-2017-7964

Name of the Vulnerable Software and Affected Versions Zyxel WRE6505 devices (affected versions not specified)

Description The issue concerns the use of default credentials for the root and admin accounts, with a default password of 1234, making it easier for remote attackers to conduct DNS hijacking attacks. This is achieved by reconfiguring the built-in dnshijacker process. The default TELNET password allows attackers to exploit this issue and intercept DNS requests.

Recommendations For Zyxel WRE6505 devices, change the default password for the root and admin accounts to prevent unauthorized access via TELNET. As a temporary workaround, consider disabling the TELNET protocol until a secure configuration or patch is available. Restrict access to the dnshijacker process to minimize the risk of DNS hijacking attacks.