Details of VAR-201402-0519

ID

VAR-201402-0519

TITLE

ZyXEL Prestige 782R '/rom-0' RomPager Access Bypass Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2014-01043

DESCRIPTION

ZyXEL Prestige 782R is a router product of ZyXEL Technology Corporation. An authentication bypass vulnerability exists in ZyXEL Prestige 782R. An attacker could use this vulnerability to bypass the authentication mechanism and perform unauthorized operations. This may aid in further attacks

Trust: 1.35

sources: CNVD: CNVD-2014-01043 // CNNVD: CNNVD-201402-158 // BID: 65521

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2014-01043

AFFECTED PRODUCTS

vendor:

zyxel

model:

prestige 782r

scope:

version:

Trust: 0.9

sources: CNVD: CNVD-2014-01043 // BID: 65521

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2014-01043
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2014-01043
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2014-01043

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201402-158

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201402-158

EXTERNAL IDS

db:	BID	id:	65521	Trust: 1.5
db:	CNVD	id:	CNVD-2014-01043	Trust: 0.6
db:	CNNVD	id:	CNNVD-201402-158	Trust: 0.6

sources: CNVD: CNVD-2014-01043 // BID: 65521 // CNNVD: CNNVD-201402-158

REFERENCES

url:	http://www.securityfocus.com/bid/65521	Trust: 1.2
url:	http://dariusfreamon.wordpress.com/2014/01/26/zyxel-prestige-782r-authentication-bypass/	Trust: 0.3
url:	http://zyxel.ua/support/download/product/73	Trust: 0.3

sources: CNVD: CNVD-2014-01043 // BID: 65521 // CNNVD: CNNVD-201402-158

CREDITS

Darius Freamon

Trust: 0.9

sources: BID: 65521 // CNNVD: CNNVD-201402-158

SOURCES

db:	CNVD	id:	CNVD-2014-01043
db:	BID	id:	65521
db:	CNNVD	id:	CNNVD-201402-158

LAST UPDATE DATE

2022-05-17T02:07:13.536000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2014-01043	date:	2014-02-19T00:00:00
db:	BID	id:	65521	date:	2014-02-12T00:00:00
db:	CNNVD	id:	CNNVD-201402-158	date:	2014-02-17T00:00:00

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2014-01043	date:	2014-02-14T00:00:00
db:	BID	id:	65521	date:	2014-02-12T00:00:00
db:	CNNVD	id:	CNNVD-201402-158	date:	2014-02-17T00:00:00