lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <CAAs52qHX0bB=jhSQk8P3-fx86xCdHABdwC3y0SDsM=hD8Ds20g@mail.gmail.com>
Date: Sun, 14 Aug 2022 22:19:36 -0500
From: Eric Urban <hydrogen18@...il.com>
To: fulldisclosure@...lists.org
Subject: [FD] Zyxel IPC 3605N & 4605N / Remote shell access

Hello everyone,

I have identified that the Zyxel IPC 3605N and 4605N IP based security
cameras have multiple flaws. Combining these together leads to the ability
for an attacker to remotely install root shell access on the device.

A web server installed for UPnP purposes allows the plaintext passwords to
be retrieved by anyone. This grants access to the web administration
interface. From there, a tarball can be downloaded, modified with a script
to execute telnetd, and then uploaded back to the device.

Full report with link to a PoC here:
http://www.hydrogen18.com/blog/hacking-zyxel-ip-cameras-pt-1.html

Eric
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ