Details of VAR-201311-0517

ID

VAR-201311-0517

TITLE

ZyXEL GS1510-16 'webctrl.cgi' Remote Password Disclosure Vulnerability

Trust: 0.3

sources: BID: 64646

DESCRIPTION

ZyXEL GS1510-16 is prone to a password-disclosure vulnerability. Attackers can exploit this issue to gain access to administrator password that may lead to further attacks.

Trust: 0.3

sources: BID: 64646

AFFECTED PRODUCTS

vendor:

zyxel

model:

gs1510-16

scope:

version:

Trust: 0.3

sources: BID: 64646

THREAT TYPE

network

Trust: 0.3

sources: BID: 64646

TYPE

Design Error

Trust: 0.3

sources: BID: 64646

EXTERNAL IDS

db:

BID

id:

64646

Trust: 0.3

sources: BID: 64646

REFERENCES

url:	https://github.com/rapid7/metasploit-framework/pull/2709	Trust: 0.3
url:	http://www.zyxel.com/in/en/news/press_room_20101206_612871.shtml	Trust: 0.3
url:	https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/http/zyxel_admin_password_extractor.rb	Trust: 0.3

sources: BID: 64646

CREDITS

Daniel Manser and Sven Vetsch

Trust: 0.3

sources: BID: 64646

SOURCES

db:

BID

id:

64646

LAST UPDATE DATE

2022-05-17T02:04:40.082000+00:00

SOURCES UPDATE DATE

db:

BID

id:

64646

date:

2013-11-29T00:00:00

SOURCES RELEASE DATE

db:

BID

id:

64646

date:

2013-11-29T00:00:00