Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-0890

**UNSUPPORTED WHEN ASSIGNED** Insecure default credentials for the Telnet function in the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_20170615 could allow an attacker to log in to the management interface if the administrators have the option to change the default credentials but fail to do so.

Published

2025-02-04T11:15:08.880

Last Modified

2025-12-15T21:02:44.180

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses
  • Type: Secondary
    CWE-287
  • Type: Primary
    CWE-522
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System zyxel vmg4325-b10a_firmware - Yes
Hardware zyxel vmg4325-b10a - No
Operating System zyxel sbg3500-n000_firmware - Yes
Hardware zyxel sbg3500-n000 - No
Operating System zyxel vmg1312-b10a_firmware - Yes
Hardware zyxel vmg1312-b10a - No
Operating System zyxel vmg1312-b10b_firmware - Yes
Hardware zyxel vmg1312-b10b - No
Operating System zyxel vmg1312-b10e_firmware - Yes
Hardware zyxel vmg1312-b10e - No
Operating System zyxel vmg3312-b10a_firmware - Yes
Hardware zyxel vmg3312-b10a - No
Operating System zyxel vmg3313-b10a_firmware - Yes
Hardware zyxel vmg3313-b10a - No
Operating System zyxel vmg3926-b10b_firmware - Yes
Hardware zyxel vmg3926-b10b - No
Operating System zyxel vmg4325-b10a_firmware - Yes
Hardware zyxel vmg4325-b10a - No
Operating System zyxel vmg4380-b10a_firmware - Yes
Hardware zyxel vmg4380-b10a - No
Operating System zyxel vmg8324-b10a_firmware - Yes
Hardware zyxel vmg8324-b10a - No
Operating System zyxel vmg8924-b10a_firmware - Yes
Hardware zyxel vmg8924-b10a - No
Operating System zyxel sbg3300-n000_firmware - Yes
Hardware zyxel sbg3300-n000 - No
Operating System zyxel sbg3300-nb00_firmware - Yes
Hardware zyxel sbg3300-nb00 - No
Operating System zyxel sbg3500-nb00_firmware - Yes
Hardware zyxel sbg3500-nb00 - No
References