Vulnerability Details CVE-2019-6725
The rpWLANRedirect.asp ASP page is accessible without authentication on ZyXEL P-660HN-T1 V2 (2.00(AAKK.3)) devices. After accessing the page, the admin user's password can be obtained by viewing the HTML source code, and the interface of the modem can be accessed as admin.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 62.7%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
Products affected by CVE-2019-6725
-
cpe:2.3:h:zyxel:p-660hn-t1:2
-
cpe:2.3:o:zyxel:p-660hn-t1_firmware:2.00(aakk.3)