CVE-2020-13365

Published: 06/08/2020 Updated: 09/02/2022

CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 801

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Certain Zyxel products have a locally accessible binary that allows a non-root user to generate a password for an undocumented user account that can be used for a TELNET session as root. This affects NAS520 V5.21(AASZ.4)C0, V5.21(AASZ.0)C0, V5.11(AASZ.3)C0, and V5.11(AASZ.0)C0; NAS542 V5.11(ABAG.0)C0, V5.20(ABAG.1)C0, and V5.21(ABAG.3)C0; NSA325 v2_V4.81(AALS.0)C0 and V4.81(AAAJ.1)C0; NSA310 4.22(AFK.0)C0 and 4.22(AFK.1)C0; NAS326 V5.21(AAZF.8)C0, V5.11(AAZF.4)C0, V5.11(AAZF.2)C0, and V5.11(AAZF.3)C0; NSA310S V4.75(AALH.2)C0; NSA320S V4.75(AANV.2)C0 and V4.75(AANV.1)C0; NSA221 V4.41(AFM.1)C0; and NAS540 V5.21(AATB.5)C0 and V5.21(AATB.3)C0.

Vulnerable Product	Search on Vulmon	Subscribe to Product
zyxel nas326 firmware
zyxel nas520 firmware
zyxel nas540 firmware
zyxel nas542 firmware

Vulnerability research, firmware analysis, reverse engineering, programming notes (as much as I can)

@r0mpage IoT Stuff Ковыряем Часть 1 Бэкдор в прошивке Zyxel Ковыряем Часть 2 Реверс файла инициализации бэкдора, QEMU Пара слов о devicetree, DTB, DTS Ассемблер Xtensa 0-day's Уязвимости, которые были мной обнаружены, описаны и зареги

CWE-287 https://www.zyxel.com/us/en/support/security_advisories.shtml https://www.zyxel.com/support/Zyxel-security-advisory-for-NAS-remote-access-vulnerability.shtml https://nvd.nist.gov https://github.com/r0mpage/r0mpage.github.io

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-13365

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect