CVE-2017-18373

02.05.2019, 17:29

The Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 router distributed by TrueOnline has three user accounts with default passwords, including two hardcoded service accounts: one with the username true and password true, and another with the username user3 and and a long password consisting of a repetition of the string 0123456789. These accounts can be used to login to the web interface, exploit authenticated command injections, and change router settings for malicious purposes.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	8.8 HIGH	NETWORK	LOW	LOW	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 93%

Vendor	Product	Version
billion	5200w-t_firmware	7.3.8.0

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-798 - Use of Hard-coded Credentials
The software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

References

https://raw.githubusercontent.com/pedrib/PoC/master/advisories/zyxel_trueonline.txt

https://seclists.org/fulldisclosure/2017/Jan/40

https://ssd-disclosure.com/index.php/archives/2910

https://raw.githubusercontent.com/pedrib/PoC/master/advisories/zyxel_trueonline.txt

https://seclists.org/fulldisclosure/2017/Jan/40

https://ssd-disclosure.com/index.php/archives/2910