CVE-2008-1259

Name of the Vulnerable Software and Affected Versions Zyxel P-2602HW-D1A version 3.40(AJZ.1)

Description The issue allows remote attackers to bypass authentication by establishing a session from a source IP address of a user who previously authenticated within the previous 5 minutes, due to the router maintaining authentication state by IP address.

Recommendations For Zyxel P-2602HW-D1A version 3.40(AJZ.1), consider restricting access to the router's web interface to minimize the risk of exploitation until a patch is available. As a temporary workaround, limit the number of IP addresses that can access the router's interface. At the moment, there is no information about a newer version that contains a fix for this vulnerability.