{"id": "CVE-2008-1526", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "
[email protected]", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "
[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2008-03-26T10:44:00.000", "references": [{"url": "http://www.gnucitizen.org/projects/router-hacking-challenge/", "tags": ["Broken Link"], "source": "
[email protected]"}, {"url": "http://www.procheckup.com/Hacking_ZyXEL_Gateways.pdf", "tags": ["Broken Link"], "source": "
[email protected]"}, {"url": "http://www.securityfocus.com/archive/1/489009/100/0/threaded", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "
[email protected]"}, {"url": "http://www.gnucitizen.org/projects/router-hacking-challenge/", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.procheckup.com/Hacking_ZyXEL_Gateways.pdf", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/489009/100/0/threaded", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "
[email protected]", "description": [{"lang": "en", "value": "CWE-916"}]}], "descriptions": [{"lang": "en", "value": "ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(PE9) and 3.40(AGD.2) through 3.40(AHQ.3), do not use a salt when calculating an MD5 password hash, which makes it easier for attackers to crack passwords."}, {"lang": "es", "value": "Los routers ZyXEL Prestige, incluyendo los modelos P-660, P-661 y P-662 con firmware 3.40(PE9) y 3.40(AGD.2) hasta la 3.40(AHQ.3), no utilizan salt cuando se calcula el hash de una contrase\u00f1a MD5, lo cual facilita a los atacantes craquear contrase\u00f1as."}], "lastModified": "2025-04-09T00:30:58.490", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:p-663hn-51_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62972D5A-85C3-4DD4-A26A-471D4E82357F", "versionEndIncluding": "3.40\\(ahq.3\\)", "versionStartIncluding": "3.40\\(agd.2\\)"}, {"criteria": "cpe:2.3:o:zyxel:p-663hn-51_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4E92F1B9-AF50-4E0D-B3AC-3C306A383A44"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:p-663hn-51:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1F2A8EAA-E91F-48D8-82F9-0719C6F6BB2F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:p-660h-61_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5252D640-B50B-4532-ABBD-912A37F596DD", "versionEndIncluding": "3.40\\(ahq.3\\)", "versionStartIncluding": "3.40\\(agd.2\\)"}, {"criteria": "cpe:2.3:o:zyxel:p-660h-61_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F5B68B4A-D806-49C8-AE14-504BE57CAB95"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:p-660h-61:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B996FCFC-C719-43B1-9088-3867D5C124BE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:p-660h-63_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39CB46BC-64D2-46AE-BD36-1A79EB36B292", "versionEndIncluding": "3.40\\(ahq.3\\)", "versionStartIncluding": "3.40\\(agd.2\\)"}, {"criteria": "cpe:2.3:o:zyxel:p-660h-63_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5142FA69-CA58-46F4-BCDD-9798DCCB3AD3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:p-660h-63:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D0F5B1A3-7A36-4A84-B0C1-508036A0AB5B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:p-660h-67_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "67B02999-B7EB-402E-8146-020ACC9ED382", "versionEndIncluding": "3.40\\(ahq.3\\)", "versionStartIncluding": "3.40\\(agd.2\\)"}, {"criteria": "cpe:2.3:o:zyxel:p-660h-67_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76279D36-5A32-4B6E-9F78-3EEFB70E55C1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:p-660h-67:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6D676131-6B32-4B57-8E77-95A9F63375B0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:p-660h-d1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD203D62-1938-4521-81D5-154A7425B9B8", "versionEndIncluding": "3.40\\(ahq.3\\)", "versionStartIncluding": "3.40\\(agd.2\\)"}, {"criteria": "cpe:2.3:o:zyxel:p-660h-d1_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3295C0E2-C458-4902-8694-2A3ACFBCE653"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:p-660h-d1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DF5193DA-10B0-4C7D-B210-CF074E531215"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:p-660h-d3_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9001B98C-9F05-4C1A-8193-D1B553484A7D", "versionEndIncluding": "3.40\\(ahq.3\\)", "versionStartIncluding": "3.40\\(agd.2\\)"}, {"criteria": "cpe:2.3:o:zyxel:p-660h-d3_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "910FB6FC-66EC-48EE-8D61-BAE34D7BFB65"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:p-660h-d3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "38FD0899-E818-461E-B6FA-48E9564BBB04"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:p-660hn-51_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9D5E082-EFA6-4EC1-B0F7-D4F41D713F92", "versionEndIncluding": "3.40\\(ahq.3\\)", "versionStartIncluding": "3.40\\(agd.2\\)"}, {"criteria": "cpe:2.3:o:zyxel:p-660hn-51_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D1199BFD-05AF-4307-805D-8CFE09DC9FBA"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:p-660hn-51:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B0138796-FFDC-4976-83AB-018DD7CD7D5F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:p-660h-t1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C5E642F1-A6C9-47D8-B8CA-591B925AD632", "versionEndIncluding": "3.40\\(ahq.3\\)", "versionStartIncluding": "3.40\\(agd.2\\)"}, {"criteria": "cpe:2.3:o:zyxel:p-660h-t1_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "92A66C1F-D2BC-46D2-920B-AF81E4964D2C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:p-660h-t1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7AFE9380-506C-4DB6-B14E-BF8D36A5B403"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:p-660hw_d1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "88F93947-8F4C-4297-BDC1-248C279A3C66", "versionEndIncluding": "3.40\\(ahq.3\\)", "versionStartIncluding": "3.40\\(agd.2\\)"}, {"criteria": "cpe:2.3:o:zyxel:p-660hw_d1_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "15EADE70-CC53-4FFD-A7A0-6F47112DEFF8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:p-660hw_d1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1D13FB1A-637D-4E69-B84F-05531DCA5769"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:p-660hw_d3_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20A15016-C985-4DC2-8063-20B34A8F38C8", "versionEndIncluding": "3.40\\(ahq.3\\)", "versionStartIncluding": "3.40\\(agd.2\\)"}, {"criteria": "cpe:2.3:o:zyxel:p-660hw_d3_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "211F500D-83A0-4E98-A602-5A8E28DA80C6"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:p-660hw_d3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "465FD6ED-C294-49B2-8F2C-8EF0633DABFF"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:p-660hw_t3_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6200AB4-23E4-4D5D-AE01-FA77BD2802E7", "versionEndIncluding": "3.40\\(ahq.3\\)", "versionStartIncluding": "3.40\\(agd.2\\)"}, {"criteria": "cpe:2.3:o:zyxel:p-660hw_t3_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7EBA6080-40A5-41B8-9ABA-DE9B4D14B905"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:p-660hw_t3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "26E8D38B-1859-4DCE-A566-777432CB7E9D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:p-661hnu-f1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75CC92BC-C701-4CDB-B3BD-D1A35AE2B513", "versionEndIncluding": "3.40\\(ahq.3\\)", "versionStartIncluding": "3.40\\(agd.2\\)"}, {"criteria": "cpe:2.3:o:zyxel:p-661hnu-f1_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B1C64678-E7F5-4D49-B057-81A7D332FAEE"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:p-661hnu-f1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3D31A24A-C61D-4C9E-ADB7-2A82348A1F8F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:p-661h_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "571F3900-C4E5-4BA7-BCC4-6F4CB11C37FE", "versionEndIncluding": "3.40\\(ahq.3\\)", "versionStartIncluding": "3.40\\(agd.2\\)"}, {"criteria": "cpe:2.3:o:zyxel:p-661h_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "82811C5C-C3B3-4F59-B4C7-FF94337575A6"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:p-661h:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AC4294BF-24E3-48CB-9C9C-3F212DC3B44C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:p-661hw-d1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F45DA65D-375A-44C3-8C13-56BE11A62D96", "versionEndIncluding": "3.40\\(ahq.3\\)", "versionStartIncluding": "3.40\\(agd.2\\)"}, {"criteria": "cpe:2.3:o:zyxel:p-661hw-d1_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D302F58-44B7-4664-8C5B-CD7801BC2C8F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:p-661hw-d1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "213239B3-6262-43BD-9789-895123B458CC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:p-661hnu-f3_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E098395-FAA8-4F2F-9BA3-CE020128CC4B", "versionEndIncluding": "3.40\\(ahq.3\\)", "versionStartIncluding": "3.40\\(agd.2\\)"}, {"criteria": "cpe:2.3:o:zyxel:p-661hnu-f3_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B7AC499-C52B-4320-9DAC-32268EA2EE2F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:p-661hnu-f3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4C246CBE-3153-48F6-9DB3-111496519A54"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:p-662hw-d3_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0FF5102-C646-4576-B06B-7AEDF30597AD", "versionEndIncluding": "3.40\\(ahq.3\\)", "versionStartIncluding": "3.40\\(agd.2\\)"}, {"criteria": "cpe:2.3:o:zyxel:p-662hw-d3_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08C40AFF-B177-41D6-AB6B-7684F76B04D6"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:p-662hw-d3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "293A9D18-75F3-4925-A823-783C5D3C5712"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:p-662hw-d_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "248CEACF-760B-400F-AAF8-3942207D7D9E", "versionEndIncluding": "3.40\\(ahq.3\\)", "versionStartIncluding": "3.40\\(agd.2\\)"}, {"criteria": "cpe:2.3:o:zyxel:p-662hw-d_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D3C331D-6579-4A53-A0E1-7B191F52D78F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:p-662hw-d:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AFCEFCAB-785B-441D-9CCF-B45FC769A648"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:p-662hw-d1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D84E350-5816-4ABE-A2A1-ABB719DFB65A", "versionEndIncluding": "3.40\\(ahq.3\\)", "versionStartIncluding": "3.40\\(agd.2\\)"}, {"criteria": "cpe:2.3:o:zyxel:p-662hw-d1_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E7823501-F6A1-4F4A-98B8-6B272AB6073B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:p-662hw-d1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AF7B15B0-7767-4338-9B27-94AB74D87E2F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:p-662h-61_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C92F00FE-2074-484E-A65E-6E6AADC6625E", "versionEndIncluding": "3.40\\(ahq.3\\)", "versionStartIncluding": "3.40\\(agd.2\\)"}, {"criteria": "cpe:2.3:o:zyxel:p-662h-61_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "48C44A40-5559-483D-B532-2CEB60E0D709"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:p-662h-61:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E24CF1BB-6CE2-475F-A74E-6958FEA47374"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "
[email protected]"}
