Unrated severityNVD Advisory· Published Mar 26, 2008· Updated Apr 23, 2026

CVE-2008-1524

Description

The SNMP service on ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40(AGD.2) through 3.40(AHQ.3), has "public" as its default community for both (1) read and (2) write operations, which allows remote attackers to perform administrative actions via SNMP, as demonstrated by reading the Dynamic DNS service password or inserting an XSS sequence into the system.sysName.0 variable, which is displayed on the System Status page.

Affected products

Zyxel/Prestige 6602 versions
cpe:2.3:h:zyxel:prestige_660:h-d1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:h:zyxel:prestige_660:h-d1:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel:prestige_660:h-d3:*:*:*:*:*:*:*
Zyxel/Prestige 661
cpe:2.3:h:zyxel:prestige_661:hw-d1:*:*:*:*:*:*:*
Zyxel/Zynos6 versions
cpe:2.3:h:zyxel:zynos:3.40:agd.2:*:*:*:*:*:*+ 5 more
- cpe:2.3:h:zyxel:zynos:3.40:agd.2:*:*:*:*:*:*
- cpe:2.3:h:zyxel:zynos:3.40:agl.3:*:*:*:*:*:*
- cpe:2.3:h:zyxel:zynos:3.40:ahq.0:*:*:*:*:*:*
- cpe:2.3:h:zyxel:zynos:3.40:ahq.3:*:*:*:*:*:*
- cpe:2.3:h:zyxel:zynos:3.40:ahz.0:*:*:*:*:*:*
- cpe:2.3:h:zyxel:zynos:3.40:atm.0:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000