Insecure Default Initialization of Resource
CVE-2017-7964
Summary
Zyxel WRE6505 devices have a default TELNET password of 1234 for the root and admin accounts, which makes it easier for remote attackers to conduct DNS hijacking attacks by reconfiguring the built-in dnshijacker process.
- LOW
- NETWORK
- HIGH
- CHANGED
- NONE
- NONE
- HIGH
- HIGH
CWE-1188 - Insecure Default Initialization of Resource
The software initializes or sets a resource with a default that is intended to be changed by the administrator, but the default is not secure.
References
Advisory Timeline
- Published