PT-2019-4286 · Zyxel · Zyxel Gs1900+1
Jasper Lievisse Adriaanse · Published 2019-11-14 · Updated 2019-11-22 · CVE-2019-15802
CVSS v3.1: 5.9 (Medium)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0
Description
The issue exists due to the hardcoding of registration data in the sal_util_str_encrypt() function of the Zyxel GS1900 series router firmware. This allows a remote attacker to potentially disclose protected information. The firmware uses a hardcoded cryptographic key to hash and encrypt passwords, utilizing the sal_util_str_encrypt() function in libsal.so.0.0. The parameters, including salt, IV, and key data, are used for AES256 encryption in CBC mode. With these parameters known, an attacker can decrypt all previously encrypted passwords, including those in configuration backups or embedded in the firmware.
Recommendations
For Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0, update the firmware to version 2.50(AAHH.0)C0 or later to resolve the issue. As a temporary workaround, consider restricting access to configuration backups and embedded firmware components that may contain encrypted passwords. Avoid using the sal_util_str_encrypt() function until a patch is available.
Exploit
Fix
Using Hardcoded Credentials
Weakness Enumeration
Related Identifiers
Affected Products
Zyxel Gs1900
Libsal