Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2008-1527

ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(PE9) and 3.40(AGD.2) through 3.40(AHQ.3), support authentication over HTTP via a hash string in the hiddenPassword field, which allows remote attackers to obtain access via a replay attack.

  • Published: Mar 26, 2008
  • Updated: Apr 13, 2023
  • CVE: CVE-2008-1527
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

Software From Fixed in
zyxel / zynos 3.40-ahq.0 3.40-ahq.0.x
zyxel / zynos 3.40-agl.3 3.40-agl.3.x
zyxel / zynos 3.40-ahq.3 3.40-ahq.3.x
zyxel / zynos 3.40-ahz.0 3.40-ahz.0.x
zyxel / prestige_661 hw-d1 hw-d1.x
zyxel / prestige_660 h-d3 h-d3.x
zyxel / zynos 3.40-atm.0 3.40-atm.0.x
zyxel / prestige_660 h-d1 h-d1.x
zyxel / zynos 3.40-agd.2 3.40-agd.2.x