Published: 25/07/2017 Updated: 03/11/2017

CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 905

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

ZyXEL PK5001Z devices have zyad5001 as the su password, which makes it easier for remote malicious users to obtain root access if a non-root account password is known (or a non-root default account exists within an ISP's deployment of these devices).

Vulnerable Product	Search on Vulmon	Subscribe to Product
zyxel pk5001z_firmware -

# Exploit Title: ZyXEL PK5001Z Modem - CenturyLink Hardcoded admin and root Telnet Password # Google Dork: n/a # Date: 2017-10-31 # Exploit Author: Matthew Sheimo # Vendor Homepage: wwwzyxelcom/ # Software Link: n/a # Version: PK5001Z 262019 # Tested on: Linux # About: ZyXEL PK5001Z Modem is used by Century Link a global communication ...

The ZyXEL PK5001Z modem has a hardcoded backdoor admin account that allows escalation to root ...

No Cap

AonSploit No Cap Hầu hết các CVE này cũng được công nhận bởi oxagast Đây là một fuzzer, được viết bằng BASH SHELL, được thiết kế để tìm lỗi trong các chương trình BASH SHELL Đây là một công cụ để xây dựng danh sách từ dựa trên những

CWE-255 https://forum.openwrt.org/viewtopic.php?id=62266 https://www.exploit-db.com/exploits/43105/https://nvd.nist.gov https://github.com/AnonOpsVN24/Aon-Sploit https://www.exploit-db.com/exploits/43105/

CVE-2016-10401

Vulnerability Summary

Vulnerability Trend

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect