CVE-2023-28770
In short
A flaw in Zyxel DX5401-B0 routers allows attackers to access system files and retrieve the supervisor password without logging in. This happens through two vulnerable components that expose sensitive encrypted information.
Technical detail
The CGI "Export_Log" and the binary "zcmd" in Zyxel DX5401-B0 firmware versions prior to V5.17(ABYO.1)C0 fail to properly restrict access to sensitive files, enabling an unauthenticated remote attacker to read system files and recover the supervisor password from the encrypted file.
Summary generated and translated by AI from the official description.
The sensitive information exposure vulnerability in the CGI “Export_Log” and the binary “zcmd” in Zyxel DX5401-B0 firmware versions prior to V5.17(ABYO.1)C0 could allow a remote unauthenticated attacker to read the system files and to retrieve the password of the supervisor from the encrypted file.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected products
Zyxel · DX5401-B0 firmware