A vulnerability in specific versions of Zyxel NBG6818, NBG7815, WSQ20, WSQ50, WSQ60, and WSR30 firmware with pre-configured password management could allow an attacker to obtain root access of the device, if the local attacker dismantles the device and uses a USB-to-UART cable to connect the device, or if the remote assistance feature had been enabled by an authenticated user.
2021-11-23T22:15:07.623
2024-11-21T06:11:42.923
Modified
CVSSv3.1: 7.8 (HIGH)
AV:L/AC:M/Au:N/C:C/I:C/A:C
3.4
10.0
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | zyxel | nbg6818_firmware | < 1.00\(absc.5\)c0 | Yes |
| Hardware | zyxel | nbg6818 | - | No |
| Operating System | zyxel | nbg7815_firmware | < 1.00\(absk.7\)c0 | Yes |
| Hardware | zyxel | nbg7815 | - | No |
| Operating System | zyxel | wsq20_firmware | < 1.00\(abof.11\)c0 | Yes |
| Hardware | zyxel | wsq20 | - | No |
| Operating System | zyxel | wsq50_firmware | < 2.20\(abkj.7\)c0 | Yes |
| Hardware | zyxel | wsq50 | - | No |
| Operating System | zyxel | wsq60_firmware | < 2.20\(abnd.8\)c0 | Yes |
| Hardware | zyxel | wsq60 | - | No |
| Operating System | zyxel | wsr30_firmware | < 1.00\(abmy.12\)c0 | Yes |
| Hardware | zyxel | wsr30 | - | No |