PT-2019-4110 · Zyxel · Zyxel Gs1900

Jasper Lievisse Adriaanse · Published 2019-11-14 · Updated 2019-11-21 · CVE-2019-15799

CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0

Description: An issue allows user accounts with non-admin privileges to obtain the same level of privileged access as administrators when connecting to the device via SSH. This enables normal users to obtain the administrative password by running the tech-support command via the CLI, whose output contains the encrypted passwords of all users on the device. These passwords can be decrypted because they are encrypted with well-known, static parameters, allowing the original passwords, including the administrator password, to be recovered.

Recommendations: For Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0, update the firmware to version 2.50(AAHH.0)C0 or later to resolve the issue. As a temporary workaround, restrict SSH access to administrative accounts only until the firmware can be updated.

Exploit

Fix

Weakness Enumeration

Improper Privilege Management

Related identifiers

BDU:2019-04681
CVE-2019-15799

Affected products

Zyxel Gs1900