Computer Security
[EN] securityvulns.ru no-pyccku


ZyXEL ZyWALL USG unauthorized access
Published:05.05.2011
Source:
SecurityVulns ID:11648
Type:remote
Threat Level:
6/10
Description:Unauthenticated configuration access is possible, authorization is performed on client side.
Affected:ZYXEL : ZyWALL USG-20
 ZYXEL : ZyWALL USG-50
 ZYXEL : ZyWALL USG-100
 ZYXEL : ZyWALL USG-200
 ZYXEL : ZyWALL USG-300
 ZYXEL : ZyWALL USG-1000
 ZYXEL : ZyWALL USG-1050
 ZYXEL : ZyWALL USG-2000
Original documentdocumentRedTeam Pentesting, [RT-SA-2011-004] Client Side Authorization ZyXEL ZyWALL USG Appliances Web Interface (05.05.2011)
 documentRedTeam Pentesting, [RT-SA-2011-003] Authentication Bypass in Configuration Import and Export of ZyXEL ZyWALL USG Appliances (05.05.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod