Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1540

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-1540
Last Modified 05 Sep 2008 04:41:41
Published 31 Dec 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-1540

Summary

ZyXEL Prestige 623, 650, and 652 HW Routers, and possibly other versions, with HTTP Remote Administration enabled, does not require a password to access rpFWUpload.html, which allows remote attackers to reset the router configuration file.

Vulnerable Systems


References

XF - zyxel-configuration-reset(18202)

BID - 11723

SECTRACK - 1012298

SECUNIA - 13278

OSVDB - 12108

BUGTRAQ - 20041124 Re: Router ZyXEL Prestige 650 HW http remote admin.

BUGTRAQ - 20041121 Router ZyXEL Prestige 650 HW http remote admin.


Last Updated: 27 May 2016 10:39:05