CVE-2018-18754

EUVD-2018-10470
ZyXEL VMG3312-B10B 1.00(AAPP.7) devices have a backdoor root account with the tTn3+Z@!Sr0O+ password hash in the etc/default.cfg file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 53%
Affected Products (NVD)
VendorProductVersion
zyxelvmg3312-b10b_firmware
1.00\(aapp.7\)
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://gist.github.com/numanturle/c99d3306e9e4e17bb2164dde363406bc
https://gist.github.com/numanturle/c99d3306e9e4e17bb2164dde363406bc