CVE-2017-16523

Name of the Vulnerable Software and Affected Versions MitraStar GPT-2541GNAC (HGU) version 1.00(VNJ0)b1 MitraStar DSL-100HN-T1 version ES 113WJY0b16

Description The issue is related to the use of a predefined account, specifically the zyad1234 account with the password zyad1234, which has privileges equivalent to root. This account is undocumented. Exploitation of this issue may allow a remote attacker to gain access to the device with root-equivalent privileges.

Recommendations For MitraStar GPT-2541GNAC (HGU) version 1.00(VNJ0)b1, consider changing the password of the zyad1234 account to prevent unauthorized access. For MitraStar DSL-100HN-T1 version ES 113WJY0b16, consider changing the password of the zyad1234 account to prevent unauthorized access. As a temporary workaround, consider disabling the zyad1234 account until a more permanent solution is available.