PT-2019-8309 · Zyxel · Zyxel P660Hn-T1A

Pedro Ribeiro · Published 2019-05-02 · Updated 2019-05-03 · CVE-2017-18374

CVSS v2.0

9.0 High

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

ZyXEL P660HN-T1A version $7.3.15.0 v001 / 3.40(ULM.0)b31

Description

The router has default passwords for two user accounts, including a hardcoded service account with the username "true" and password "true". These default credentials can be used to log in to the web interface, execute authenticated command injections, and modify router settings for malicious purposes.

Recommendations

For ZyXEL P660HN-T1A version $7.3.15.0 v001 / 3.40(ULM.0)b31, change the default passwords of the user accounts, especially the hardcoded service account with the username "true" and password "true", to prevent unauthorized access and potential exploitation.

Exploit

Fix

Using Hardcoded Credentials

Weakness Enumeration

Related Identifiers

CVE-2017-18374

Affected Products

Zyxel P660Hn-T1A