CVE-2008-1526
Published Mar 26, 2008
Last updated 9 months ago
Overview
- Description
- ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(PE9) and 3.40(AGD.2) through 3.40(AHQ.3), do not use a salt when calculating an MD5 password hash, which makes it easier for attackers to crack passwords.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-916
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:p-663hn-51_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "62972D5A-85C3-4DD4-A26A-471D4E82357F",
"versionEndIncluding": "3.40\\(ahq.3\\)",
"versionStartIncluding": "3.40\\(agd.2\\)"
},
{
"criteria": "cpe:2.3:o:zyxel:p-663hn-51_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4E92F1B9-AF50-4E0D-B3AC-3C306A383A44"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:p-663hn-51:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "1F2A8EAA-E91F-48D8-82F9-0719C6F6BB2F"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:p-660h-61_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5252D640-B50B-4532-ABBD-912A37F596DD",
"versionEndIncluding": "3.40\\(ahq.3\\)",
"versionStartIncluding": "3.40\\(agd.2\\)"
},
{
"criteria": "cpe:2.3:o:zyxel:p-660h-61_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F5B68B4A-D806-49C8-AE14-504BE57CAB95"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:p-660h-61:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B996FCFC-C719-43B1-9088-3867D5C124BE"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:p-660h-63_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "39CB46BC-64D2-46AE-BD36-1A79EB36B292",
"versionEndIncluding": "3.40\\(ahq.3\\)",
"versionStartIncluding": "3.40\\(agd.2\\)"
},
{
"criteria": "cpe:2.3:o:zyxel:p-660h-63_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5142FA69-CA58-46F4-BCDD-9798DCCB3AD3"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:p-660h-63:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D0F5B1A3-7A36-4A84-B0C1-508036A0AB5B"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:p-660h-67_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "67B02999-B7EB-402E-8146-020ACC9ED382",
"versionEndIncluding": "3.40\\(ahq.3\\)",
"versionStartIncluding": "3.40\\(agd.2\\)"
},
{
"criteria": "cpe:2.3:o:zyxel:p-660h-67_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "76279D36-5A32-4B6E-9F78-3EEFB70E55C1"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:p-660h-67:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "6D676131-6B32-4B57-8E77-95A9F63375B0"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:p-660h-d1_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DD203D62-1938-4521-81D5-154A7425B9B8",
"versionEndIncluding": "3.40\\(ahq.3\\)",
"versionStartIncluding": "3.40\\(agd.2\\)"
},
{
"criteria": "cpe:2.3:o:zyxel:p-660h-d1_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3295C0E2-C458-4902-8694-2A3ACFBCE653"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:p-660h-d1:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "DF5193DA-10B0-4C7D-B210-CF074E531215"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:p-660h-d3_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9001B98C-9F05-4C1A-8193-D1B553484A7D",
"versionEndIncluding": "3.40\\(ahq.3\\)",
"versionStartIncluding": "3.40\\(agd.2\\)"
},
{
"criteria": "cpe:2.3:o:zyxel:p-660h-d3_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "910FB6FC-66EC-48EE-8D61-BAE34D7BFB65"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:p-660h-d3:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "38FD0899-E818-461E-B6FA-48E9564BBB04"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:p-660hn-51_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C9D5E082-EFA6-4EC1-B0F7-D4F41D713F92",
"versionEndIncluding": "3.40\\(ahq.3\\)",
"versionStartIncluding": "3.40\\(agd.2\\)"
},
{
"criteria": "cpe:2.3:o:zyxel:p-660hn-51_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D1199BFD-05AF-4307-805D-8CFE09DC9FBA"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:p-660hn-51:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B0138796-FFDC-4976-83AB-018DD7CD7D5F"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:p-660h-t1_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C5E642F1-A6C9-47D8-B8CA-591B925AD632",
"versionEndIncluding": "3.40\\(ahq.3\\)",
"versionStartIncluding": "3.40\\(agd.2\\)"
},
{
"criteria": "cpe:2.3:o:zyxel:p-660h-t1_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "92A66C1F-D2BC-46D2-920B-AF81E4964D2C"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:p-660h-t1:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "7AFE9380-506C-4DB6-B14E-BF8D36A5B403"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:p-660hw_d1_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "88F93947-8F4C-4297-BDC1-248C279A3C66",
"versionEndIncluding": "3.40\\(ahq.3\\)",
"versionStartIncluding": "3.40\\(agd.2\\)"
},
{
"criteria": "cpe:2.3:o:zyxel:p-660hw_d1_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "15EADE70-CC53-4FFD-A7A0-6F47112DEFF8"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:p-660hw_d1:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "1D13FB1A-637D-4E69-B84F-05531DCA5769"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:p-660hw_d3_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "20A15016-C985-4DC2-8063-20B34A8F38C8",
"versionEndIncluding": "3.40\\(ahq.3\\)",
"versionStartIncluding": "3.40\\(agd.2\\)"
},
{
"criteria": "cpe:2.3:o:zyxel:p-660hw_d3_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "211F500D-83A0-4E98-A602-5A8E28DA80C6"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:p-660hw_d3:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "465FD6ED-C294-49B2-8F2C-8EF0633DABFF"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:p-660hw_t3_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E6200AB4-23E4-4D5D-AE01-FA77BD2802E7",
"versionEndIncluding": "3.40\\(ahq.3\\)",
"versionStartIncluding": "3.40\\(agd.2\\)"
},
{
"criteria": "cpe:2.3:o:zyxel:p-660hw_t3_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7EBA6080-40A5-41B8-9ABA-DE9B4D14B905"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:p-660hw_t3:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "26E8D38B-1859-4DCE-A566-777432CB7E9D"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:p-661hnu-f1_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "75CC92BC-C701-4CDB-B3BD-D1A35AE2B513",
"versionEndIncluding": "3.40\\(ahq.3\\)",
"versionStartIncluding": "3.40\\(agd.2\\)"
},
{
"criteria": "cpe:2.3:o:zyxel:p-661hnu-f1_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B1C64678-E7F5-4D49-B057-81A7D332FAEE"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:p-661hnu-f1:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "3D31A24A-C61D-4C9E-ADB7-2A82348A1F8F"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:p-661h_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "571F3900-C4E5-4BA7-BCC4-6F4CB11C37FE",
"versionEndIncluding": "3.40\\(ahq.3\\)",
"versionStartIncluding": "3.40\\(agd.2\\)"
},
{
"criteria": "cpe:2.3:o:zyxel:p-661h_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "82811C5C-C3B3-4F59-B4C7-FF94337575A6"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:p-661h:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "AC4294BF-24E3-48CB-9C9C-3F212DC3B44C"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:p-661hw-d1_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F45DA65D-375A-44C3-8C13-56BE11A62D96",
"versionEndIncluding": "3.40\\(ahq.3\\)",
"versionStartIncluding": "3.40\\(agd.2\\)"
},
{
"criteria": "cpe:2.3:o:zyxel:p-661hw-d1_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3D302F58-44B7-4664-8C5B-CD7801BC2C8F"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:p-661hw-d1:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "213239B3-6262-43BD-9789-895123B458CC"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:p-661hnu-f3_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9E098395-FAA8-4F2F-9BA3-CE020128CC4B",
"versionEndIncluding": "3.40\\(ahq.3\\)",
"versionStartIncluding": "3.40\\(agd.2\\)"
},
{
"criteria": "cpe:2.3:o:zyxel:p-661hnu-f3_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1B7AC499-C52B-4320-9DAC-32268EA2EE2F"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:p-661hnu-f3:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "4C246CBE-3153-48F6-9DB3-111496519A54"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:p-662hw-d3_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E0FF5102-C646-4576-B06B-7AEDF30597AD",
"versionEndIncluding": "3.40\\(ahq.3\\)",
"versionStartIncluding": "3.40\\(agd.2\\)"
},
{
"criteria": "cpe:2.3:o:zyxel:p-662hw-d3_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "08C40AFF-B177-41D6-AB6B-7684F76B04D6"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:p-662hw-d3:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "293A9D18-75F3-4925-A823-783C5D3C5712"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:p-662hw-d_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "248CEACF-760B-400F-AAF8-3942207D7D9E",
"versionEndIncluding": "3.40\\(ahq.3\\)",
"versionStartIncluding": "3.40\\(agd.2\\)"
},
{
"criteria": "cpe:2.3:o:zyxel:p-662hw-d_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9D3C331D-6579-4A53-A0E1-7B191F52D78F"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:p-662hw-d:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "AFCEFCAB-785B-441D-9CCF-B45FC769A648"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:p-662hw-d1_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4D84E350-5816-4ABE-A2A1-ABB719DFB65A",
"versionEndIncluding": "3.40\\(ahq.3\\)",
"versionStartIncluding": "3.40\\(agd.2\\)"
},
{
"criteria": "cpe:2.3:o:zyxel:p-662hw-d1_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E7823501-F6A1-4F4A-98B8-6B272AB6073B"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:p-662hw-d1:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "AF7B15B0-7767-4338-9B27-94AB74D87E2F"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:p-662h-61_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C92F00FE-2074-484E-A65E-6E6AADC6625E",
"versionEndIncluding": "3.40\\(ahq.3\\)",
"versionStartIncluding": "3.40\\(agd.2\\)"
},
{
"criteria": "cpe:2.3:o:zyxel:p-662h-61_firmware:3.40\\(pe9\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "48C44A40-5559-483D-B532-2CEB60E0D709"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:p-662h-61:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E24CF1BB-6CE2-475F-A74E-6958FEA47374"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]