CVE-2008-1261

Name of the Vulnerable Software and Affected Versions Zyxel P-2602HW-D1A version 3.40(AJZ.1)

Description The issue allows remote attackers to determine the current login status by requesting an arbitrary admin URI, due to different responses provided by the router depending on whether a user is logged in.

Recommendations For Zyxel P-2602HW-D1A version 3.40(AJZ.1), consider restricting access to admin pages to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.