Lucene search
PRIOn knowledge basePRION:CVE-2017-18368HistoryMay 02, 2019 - 5:29 p.m.
Command injection
2019-05-0217:29:00
PRIOn knowledge base
www.prio-n.com
6
The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40(ULM.0)b31 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user. The vulnerability is in the ViewLog.asp page and can be exploited through the remote_host parameter.
| CPE | Name | Operator | Version |
|---|---|---|---|
| 5200w-t_firmware | eq | 7.3.8.0 | |
| p660hn-t1a_v1_firmware | eq | 7.3.15.0 | |
| p660hn-t1a_v2_firmware | eq | 7.3.15.0 |
References
www.zyxel.com/support/announcement_unauthenticated.shtml
raw.githubusercontent.com/pedrib/PoC/master/advisories/zyxel_trueonline.txt
seclists.org/fulldisclosure/2017/Jan/40
ssd-disclosure.com/index.php/archives/2910
unit42.paloaltonetworks.com/new-mirai-variant-targets-enterprise-wireless-presentation-display-systems/
Related
attackerkb
attackerkb
CVE-2017-18368
2019-05-02 00:00:00
cisa_kev
cisa_kev
Zyxel P660HN-T1A Routers Command Injection Vulnerability
2023-08-07 00:00:00
nvd
nvd
CVE-2017-18368
2019-05-02 17:29:00
cve
cve
CVE-2017-18368
2019-05-02 17:29:00
cvelist
cvelist
CVE-2017-18368
2019-05-02 16:14:16
hivepro
hivepro
threatpost
threatpost
Valve Source Engine, Fortnite Servers Crippled By Gafgyt Variant
2019-10-31 13:00:43