Vulnerability Description
The Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 router distributed by TrueOnline has three user accounts with default passwords, including two hardcoded service accounts: one with the username true and password true, and another with the username user3 and and a long password consisting of a repetition of the string 0123456789. These accounts can be used to login to the web interface, exploit authenticated command injections, and change router settings for malicious purposes.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Billion | 5200W-T Firmware | 7.3.8.0 |
| Billion | 5200W-T | - |
Related Weaknesses (CWE)
References
- https://raw.githubusercontent.com/pedrib/PoC/master/advisories/zyxel_trueonline.ExploitThird Party Advisory
- https://seclists.org/fulldisclosure/2017/Jan/40ExploitMailing ListThird Party Advisory
- https://ssd-disclosure.com/index.php/archives/2910ExploitTechnical DescriptionThird Party Advisory
- https://raw.githubusercontent.com/pedrib/PoC/master/advisories/zyxel_trueonline.ExploitThird Party Advisory
- https://seclists.org/fulldisclosure/2017/Jan/40ExploitMailing ListThird Party Advisory
- https://ssd-disclosure.com/index.php/archives/2910ExploitTechnical DescriptionThird Party Advisory
FAQ
What is CVE-2017-18373?
CVE-2017-18373 is a vulnerability with a CVSS score of 8.8 (HIGH). The Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 router distributed by TrueOnline has three user accounts with default passwords, including two hardcoded service accounts: one with the username tru...
How severe is CVE-2017-18373?
CVE-2017-18373 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-18373?
Check the references section above for vendor advisories and patch information. Affected products include: Billion 5200W-T Firmware, Billion 5200W-T.