SecurityTracker Archives
Category:   Device (Router/Bridge/Hub)  >   ZyXEL Wireless Router
Vendors:   ZyXEL Communications Corp.
ZyXEL PMG5318-B20A Wireless Router Bugs Let Remote Users Execute Arbitrary Code and Gain Administrative Access
SecurityTracker Alert ID:  1034553
SecurityTracker URL:  http://securitytracker.com/id/1034553
CVE Reference:   CVE-2015-6016, CVE-2015-6018, CVE-2015-6019, CVE-2015-6020
Date:  Dec 31 2015
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): Model PMG5318-B20A
Description:   Several vulnerabilities were reported in ZyXEL Wireless Router model PMG5318-B20A. A remote user can execute arbitrary code on the target system. A remote user can gain administrative access to the target system.

The system uses a default password of '1234' for the 'admin' account. A remote user can gain administrative access to the target system [CVE-2015-6016].

A remote user can send specially crafted data via the 'PingIPAddr' parameter to execute arbitrary code on the target system [CVE-2015-6018]. Model PMG5318-B20A devices with firmware versions prior to 1.00(AANC.2)C0 are affected.
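The advisory gives no detail beyond "specially crafted data via the 'PingIPAddr' parameter". The following is an added illustration, not ZyXEL's firmware code: it assumes the common root cause of such bugs, a diagnostic page that hands a user-supplied target to a shell command, and shows the vulnerable pattern beside a hardened handler that validates the target as a literal IP address or plain hostname and invokes ping without a shell. The function and parameter names are hypothetical.

```python
"""Added example (not the vendor's code): hardening a web 'ping diagnostic'.

Assumption: the handler receives a request parameter (here called
PingIPAddr, as named in the advisory) and runs the system ping tool.
"""
import ipaddress
import re
import subprocess
from typing import List, Optional

# One DNS label per RFC 1123: letters, digits, hyphen; no leading/trailing hyphen.
_LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
_HOSTNAME_RE = re.compile(rf"{_LABEL}(?:\.{_LABEL})*\.?")


def unsafe_ping_command(raw: str) -> str:
    """The vulnerable pattern, shown for contrast only.

    Interpolating raw input into a shell string means any shell
    metacharacter in the parameter becomes part of the command.
    """
    return f"ping -c 3 {raw}"


def validate_ping_target(value: str) -> Optional[str]:
    """Return a canonical target if it is an IP literal or plain hostname, else None.

    Allow-listing the exact grammar is what rules out shell metacharacters,
    whitespace, and option-like values such as '-f'; no blacklist is needed.
    """
    value = value.strip()
    if not value or len(value) > 253:
        return None
    try:
        # Accepts IPv4 and IPv6 literals and rejects everything else.
        return str(ipaddress.ip_address(value))
    except ValueError:
        pass
    if _HOSTNAME_RE.fullmatch(value):
        return value.rstrip(".").lower()
    return None


def build_ping_argv(target: str, count: int = 3) -> List[str]:
    """Build argv for ping; target must already have passed validation."""
    # A list of arguments is passed to the program directly, never to a shell.
    return ["ping", "-c", str(count), target]


def handle_ping_request(params: dict) -> Optional[subprocess.CompletedProcess]:
    """Hardened handler: validate, then execute without a shell. None = rejected."""
    target = validate_ping_target(params.get("PingIPAddr", ""))
    if target is None:
        return None
    return subprocess.run(
        build_ping_argv(target), capture_output=True, text=True, timeout=15
    )


if __name__ == "__main__":
    # Constructed sample inputs a diagnostics form might receive.
    for sample in ["192.168.1.1", "router.local", "2001:db8::1", "127.0.0.1; ls", "$(id)"]:
        print(repr(sample), "->", validate_ping_target(sample))
```

The validator is the whole defence: because the accepted grammar cannot contain a space, quote, semicolon, backtick or leading hyphen, the argv passed to `subprocess.run` can only ever be a ping of one address, whereas `unsafe_ping_command` would forward whatever follows the address to the shell.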

The device does not properly log out authenticated users [CVE-2015-6019]. A user with access to a previously authenticated user's system can bypass access restrictions. Model PMG5318-B20A devices with firmware version 1.00AANC0b5 are affected.
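The advisory does not say why logout fails on this model. The added example below (not the router's own code) assumes the usual cause of this class of bug, a logout that only asks the browser to drop its cookie while the server keeps honouring the session token, and shows a session store that revokes the token server-side and enforces an idle timeout, so that a token left in a browser on a shared machine is rejected once the user has logged out. The class and its timeout value are assumptions.

```python
"""Added example (not the vendor's code): server-side session revocation on logout."""
import secrets
import time
from typing import Callable, Dict, Optional, Tuple

SESSION_TTL_SECONDS = 600  # assumed idle timeout for an admin session


def broken_logout(response_headers: Dict[str, str]) -> None:
    """Vulnerable pattern: clear the cookie client-side only.

    The server never forgets the token, so anyone who still has it
    (browser history, a saved request, a shared workstation) stays logged in.
    """
    response_headers["Set-Cookie"] = "session=; Max-Age=0; Path=/"


class SessionStore:
    """Token -> (username, expiry) map with explicit revocation."""

    def __init__(self, clock: Callable[[], float] = time.monotonic) -> None:
        self._sessions: Dict[str, Tuple[str, float]] = {}
        self._clock = clock  # injectable so expiry can be tested deterministically

    def login(self, username: str) -> str:
        token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        self._sessions[token] = (username, self._clock() + SESSION_TTL_SECONDS)
        return token

    def user_for(self, token: str) -> Optional[str]:
        """Resolve a presented token; expired or revoked tokens resolve to None."""
        entry = self._sessions.get(token)
        if entry is None:
            return None
        username, expiry = entry
        if self._clock() >= expiry:
            del self._sessions[token]
            return None
        # Sliding expiry: activity extends the session, inactivity ends it.
        self._sessions[token] = (username, self._clock() + SESSION_TTL_SECONDS)
        return username

    def logout(self, token: str) -> bool:
        """Correct logout: revoke server-side. Returns False if already invalid."""
        return self._sessions.pop(token, None) is not None


def logout_response_headers(token: str, store: SessionStore) -> Dict[str, str]:
    """What a correct logout handler does: revoke, then also clear the cookie."""
    store.logout(token)
    return {"Set-Cookie": "session=; Max-Age=0; Path=/; HttpOnly; SameSite=Strict"}


if __name__ == "__main__":
    store = SessionStore()
    tok = store.login("admin")
    print("before logout:", store.user_for(tok))
    logout_response_headers(tok, store)
    print("after logout:", store.user_for(tok))
```

The check that matters is the last line of the usage block: after logout the same token must resolve to no user. A logout handler that only emits `broken_logout`'s header passes a casual browser test (the page shows the login form again) while a replayed token still works.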

A remote authenticated user can obtain administrative privileges [CVE-2015-6020]. Model PMG5318-B20A devices with firmware version 1.00AANC0b5 are affected.

Karn Ganeshen reported these vulnerabilities via US-CERT.

Impact:   A remote user can execute arbitrary code on the target system.

A remote user can gain administrative access to the target system.

Solution:   The vendor has issued a fix for CVE-2015-6018 (v1.00(AANC.2)C0) [in December 2014] and for CVE-2015-6019 and CVE-2015-6020 (V1.00(AANC.3)b1) [in October 2015].

For CVE-2015-6016, the vendor recommends changing the default password upon initial login.

Vendor URL:  www.zyxel.com/
Cause:   Access control error, Configuration error

Message History:   None.


Source Message Contents

[Original Message Not Available for Viewing]

