CVE-2014-0329

EPSS 25.02%
Published 04.02.2014 05:39:08
Last modified 11.04.2025 00:51:21
Source cret@cert.org
Teams watchlist Login
Open Login

The TELNET service on the ZTE ZXV10 W300 router 2.1.0 has a hardcoded password ending with airocon for the admin account, which allows remote attackers to obtain administrative access by leveraging knowledge of the MAC address characters present at the beginning of the password.

Affected products Warnungen 0 Metrics 2 CWE 0 References 9

Data is provided by the National Vulnerability Database (NVD)

Zte ≫ Zxv10 W300 Version2.1.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	25.02%	0.96

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

http://blog.alguien.at/2014/02/hackeando-el-router-zte-zxv10-w300-v21.html

http://osvdb.org/102816

http://packetstormsecurity.com/files/125142/ZTE-ZXV10-W300-Hardcoded-Credentials.html

http://www.kb.cert.org/vuls/id/228886

US Government Resource

http://www.securityfocus.com/bid/65310

https://exchange.xforce.ibmcloud.com/vulnerabilities/90958

https://nvd.nist.gov/vuln/detail/CVE-2014-0329

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-0329

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-0329

EUVD