Overview
- Description
- A DNS misconfiguration was found in Zyxel NBG7510 firmware versions prior to V1.00(ABZY.3)C0, which could allow an unauthenticated attacker to access the DNS server when the device is switched to the AP mode.
- Source
- security@zyxel.com.tw
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
- security@zyxel.com.tw
- CWE-284
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:nbg7510:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "98CB675F-DF0C-46C3-B206-CCFF407D2BA6"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zyxel:nbg7510_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ABF003BA-8126-49C0-BFB1-8B8C3A278C71",
"versionEndIncluding": "1.00\\(abzy.2\\)c0"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]