CVE-2019-15801

An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. The firmware image contains encrypted passwords that are used to authenticate users wishing to access a diagnostics or password-recovery menu. Using the hardcoded cryptographic key found elsewhere in the firmware, these passwords can be decrypted. This is related to fds_sys_passDebugPasswd_ret() and fds_sys_passRecoveryPasswd_ret() in libfds.so.0.0.

Published: Nov 14, 2019
Updated: Apr 13, 2023
CVE: CVE-2019-15801
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-798

Affected Software
References

Software	From	Fixed in
zyxel / gs1900-8_firmware	-	2.50\(aahh.0\)c0
zyxel / gs1900-8hp_firmware	-	2.50\(aahi.0\)c0
zyxel / gs1900-10hp_firmware	-	2.50\(aazi.0\)c0
zyxel / gs1900-16_firmware	-	2.50\(aahj.0\)c0
zyxel / gs1900-24e_firmware	-	2.50\(aahk.0\)c0
zyxel / gs1900-24_firmware	-	2.50\(aahl.0\)c0
zyxel / gs1900-24hp_firmware	-	2.50\(aahm.0\)c0
zyxel / gs1900-48_firmware	-	2.50\(aahn.0\)c0
zyxel / gs1900-48hp_firmware	-	2.50\(aaho.0\)c0

Vulnerability Database

289,784

CVE-2019-15801