ZyXEL Prestige Router Configuration Reset

Medium severity, Nessus Plugin ID 15781

Synopsis

The remote host is a router with a web vulnerability that allows a remote attacker to reset its configuration to factory defaults.

Description

The remote host is a ZyXEL router with a vulnerability in its web interface. When HTTP Remote Administration is enabled, the page '/rpFWUpload.html' does not require authentication, which allows an attacker to reset the router's configuration to its factory state.

Solution

Contact ZyXEL for a patch.

See Also

https://seclists.org/bugtraq/2004/Nov/280

Plugin Details

Severity: Medium

ID: 15781

File Name: zyxel_http_config_reset.nasl

Version: 1.20

Type: remote

Family: Misc.

Published: 11/22/2004

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.8

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 11/21/2004

Reference Information

CVE: CVE-2004-1540

BID: 11723

Secunia: 13278