Lucene search
MitreCVELIST:CVE-2017-18374HistoryMay 02, 2019 - 4:15 p.m.
CVE-2017-18374
2019-05-0216:15:47
mitre
www.cve.org
4
The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40(ULM.0)b31 router distributed by TrueOnline has two user accounts with default passwords, including a hardcoded service account with the username true and password true. These accounts can be used to login to the web interface, exploit authenticated command injections and change router settings for malicious purposes.
References
www.zyxel.com/support/announcement_unauthenticated.shtml
raw.githubusercontent.com/pedrib/PoC/master/advisories/zyxel_trueonline.txt
seclists.org/fulldisclosure/2017/Jan/40
ssd-disclosure.com/index.php/archives/2910
unit42.paloaltonetworks.com/new-mirai-variant-targets-enterprise-wireless-presentation-display-systems/
Related
nvd
nvd
CVE-2017-18374
2019-05-02 17:29:01
cve
cve
CVE-2017-18374
2019-05-02 17:29:01
prion
prion
Command injection
2019-05-02 17:29:00