CVE-2004-1540

Published: Dec 31, 2004Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

ZyXEL Prestige 623, 650, and 652 HW Routers, and possibly other versions, with HTTP Remote Administration enabled, does not require a password to access rpFWUpload.html, which allows remote attackers to reset the router configuration file.

Affected (8)

Products: Zyxel: Prestige, Zynos

2 products

Configuration A

8 vulnerable

Vulnerable Software	Affected Versions
Zyxel Prestige	Version 645r_a1
Zyxel Prestige	Version 650h
Zyxel Prestige	Version 650hw
Zyxel Prestige	Version 650hw_31
Zyxel Prestige	Version 650r
Zyxel Zynos	Version 3.40
Zyxel Zynos	Version is.3
Zyxel Zynos	Version is.5

References (14)

http://marc.info/?l=bugtraq&m=110116413414615&w=2

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=110135136811344&w=2

Source: cve@mitre.org

http://secunia.com/advisories/13278

Source: cve@mitre.org

Vendor Advisory

http://securitytracker.com/id?1012298

Source: cve@mitre.org

Exploit

http://www.osvdb.org/12108

Source: cve@mitre.org

http://www.securityfocus.com/bid/11723

Source: cve@mitre.org

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/18202

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=110116413414615&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=bugtraq&m=110135136811344&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/13278

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://securitytracker.com/id?1012298

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.osvdb.org/12108

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/11723

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/18202

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.