PT-2015-2964 · Zyxel · Zyxel P-660Hw-T1+3

Joel Land

Published

2015-12-31

Updated

2016-12-07

CVE-2015-6016

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions ZyXEL P-660HW-T1 versions 3.40(AXH.0) ZyXEL PMG5318-B20A versions 1.00AANC0b5 ZyXEL NBG-418N (affected versions not specified)

Description The issue is related to the use of a default password for the administrator account in the firmware of certain ZyXEL devices and the ZyNOS operating system. This allows a remote attacker to gain administrative access.

Recommendations For ZyXEL P-660HW-T1 version 3.40(AXH.0), change the default administrator password to a unique and strong password. For ZyXEL PMG5318-B20A version 1.00AANC0b5, change the default administrator password to a unique and strong password. For ZyXEL NBG-418N, change the default administrator password to a unique and strong password.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-255

Related Identifiers

BDU:2016-00061

CVE-2015-6016

Affected Products

Zynos

Zyxel Nbg-418N

Zyxel P-660Hw-T1

Zyxel Pmg5318-B20A

PT-2015-2964 · Zyxel · Zyxel P-660Hw-T1+3

CVE-2015-6016

Weakness Enumeration

Related Identifiers

Affected Products

References · 7