CVE-2001-1135

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

14/08/2001

Last modified:

03/04/2025

Description

ZyXEL Prestige 642R and 642R-I routers do not filter the routers&#39; Telnet and FTP ports on the external WAN interface from inside access, allowing someone on an internal computer to reconfigure the router, if the password is known.

Impact

Vector 2.0

AV:N/AC:L/Au:N/C:P/I:P/A:P CVSS v2.0 Severity and Metrics:

Base Score: 7.50 HIGH
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Attack Vector (AV): Network
Attack Complexity (AC): Low
Authentication (Au): None
Confidentiality (C): Physical
Integrity (I): Physical
Availability (A): Physical

Base Score 2.0

7.50

Severity 2.0

HIGH

Vulnerable products and versions

CPE	From	Up to
cpe:2.3:h:zyxel:prestige:642r:::::::*

To consult the complete list of CPE names with products and versions, see this page

References to Advisories, Solutions, and Tools

http://www.securityfocus.com/archive/1/203022
http://www.securityfocus.com/archive/1/203592
http://www.securityfocus.com/archive/1/204439
http://www.securityfocus.com/archive/1/214971
http://www.securityfocus.com/bid/3346
https://exchange.xforce.ibmcloud.com/vulnerabilities/7146
http://www.securityfocus.com/archive/1/203022
http://www.securityfocus.com/archive/1/203592
http://www.securityfocus.com/archive/1/204439
http://www.securityfocus.com/archive/1/214971
http://www.securityfocus.com/bid/3346
https://exchange.xforce.ibmcloud.com/vulnerabilities/7146