Short Name |
FTP:EXPLOIT:ZYXEL-CONF-GET |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
FTP |
Keywords |
Zyxel Configuration File Request |
Release Date |
2003/04/22 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in Zyxel Prestige 600 Series DSL CPE device. Using a default password, attackers can access and download device configuration files using FTP.
In the default factory configuration settings, Prestige routers have the administrative Telnet and FTP services available on the WAN interface. ZyXEL also uses a single common default administrator password. On a Prestige router with the default password still set, any user can connect remotely and make configuration changes, firmware upgrades, and password changes.