CVE-2020-29583

Published: 22/12/2020 Updated: 07/11/2023
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 891
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used to log in to the SSH server or web interface with admin privileges.

Vulnerable Products

zyxel usg20-vpn_firmware 4.60
zyxel usg20w-vpn_firmware 4.60
zyxel usg40_firmware 4.60
zyxel usg40w_firmware 4.60
zyxel usg60_firmware 4.60
zyxel usg60w_firmware 4.60
zyxel usg110_firmware 4.60
zyxel usg210_firmware 4.60
zyxel usg310_firmware 4.60
zyxel usg1100_firmware 4.60
zyxel usg1900_firmware 4.60
zyxel usg2200_firmware 4.60
zyxel zywall110_firmware 4.60
zyxel zywall310_firmware 4.60
zyxel zywall1100_firmware 4.60

Github Repositories

Scanner for Zyxel products which are potentially vulnerable due to an undocumented user account (CVE-2020-29583)

Scanner for Zyxel products which are vulnerable due to an undocumented user account (CVE-2020-29583). Vuln details: www.eyecontrol.nl/blog/undocumented-user-account-in-zyxel-products.html (But I'm not sure if it's really possible to login with zyfwp via the web interface? Any reports would be appreciated. Also the link to the "full list of affected devices

You may modify and re-distribute this software as long as the project name "BruteX", credit to the author "xer0dayz" and website URL "https://xerosecurity.com" are NOT modified. Doing so will break the license agreement and a takedown notice will be issued.

BruteX ABOUT: Automatically brute force all services running on a target.