Vulnerability Description
Zoom X3 ADSL modem has a terminal running on port 254 that can be accessed using the default HTML management password, even if the password has been changed for the HTTP interface, which could allow remote attackers to gain unauthorized access.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Zoom | Model 5560 X3 Ethernet Adsl Modem | All versions |
References
- http://marc.info/?l=bugtraq&m=108915255520924&w=2
- http://www.securityfocus.com/bid/10669Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16639
- http://marc.info/?l=bugtraq&m=108915255520924&w=2
- http://www.securityfocus.com/bid/10669Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16639
FAQ
What is CVE-2004-0680?
CVE-2004-0680 is a vulnerability with a CVSS score of 10.0 (HIGH). Zoom X3 ADSL modem has a terminal running on port 254 that can be accessed using the default HTML management password, even if the password has been changed for the HTTP interface, which could allow r...
How severe is CVE-2004-0680?
CVE-2004-0680 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-0680?
Check the references section above for vendor advisories and patch information. Affected products include: Zoom Model 5560 X3 Ethernet Adsl Modem.