Short Name |
HTTP:INFO-LEAK:ZYXEL-PRESTIGE |
---|---|
Severity |
Warning |
Recommended |
No |
Category |
HTTP |
Keywords |
ZyXEL Prestige 650 HW Router Information Leak |
Release Date |
2005/03/07 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to access unprotected data on a ZyXEL Prestige 650 HW Router. Because the router firmware does not restrict access to a configuration page that is a part of the ZyXEL Prestige HTTP remote administration, attackers can remotely reset the router configuration.
ZyXEL Prestige router series is reported prone to an access validation vulnerability. The vulnerability exists because the firmware of the router fails to restrict access to a configuration page that is a part of the ZyXEL Prestige HTTP based remote administration service. A remote attacker may exploit this vulnerability to reset the configuration of the router.