Home  >  CVE-2015-6016
CVE Details for CVE: CVE-2015-6016
Summary
ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40(AXH.0), PMG5318-B20A devices with firmware 1.00AANC0b5, and NBG-418N devices have a default password of 1234 for the admin account, which allows remote attackers to obtain administrative access via unspecified vectors.
Timestamps
Last major update 07-12-2016 - 18:17
Published 31-12-2015 - 05:59
Last modified 07-12-2016 - 18:17
References
Vulnerable Configurations
  • cpe:2.3:h:zyxel:nbg-418n:-:*:*:*:*:*:*:*
    cpe:2.3:h:zyxel:nbg-418n:-:*:*:*:*:*:*:*
  • cpe:2.3:h:zyxel:p-660hw-t1_2:*:*:*:*:*:*:*:*
    cpe:2.3:h:zyxel:p-660hw-t1_2:*:*:*:*:*:*:*:*
  • cpe:2.3:o:zyxel:zynos_firmware:3.40\(axh.0\):*:*:*:*:*:*:*
    cpe:2.3:o:zyxel:zynos_firmware:3.40\(axh.0\):*:*:*:*:*:*:*
  • cpe:2.3:o:zyxel:pmg5318-b20a_firmware:v100aanc0b5:*:*:*:*:*:*:*
    cpe:2.3:o:zyxel:pmg5318-b20a_firmware:v100aanc0b5:*:*:*:*:*:*:*
CAPEC
Click the CAPEC title to display a description
CWE
CWE-255
CVSS
Base
10.0
Impact
10.0
Exploitability
10.0
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
CVSS3
Base
9.8
Impact
5.9
Exploitability
3.9
Access
Attack ComplexityAttack vectorPrivileges RequiredScopeUser Interaction
LOW NETWORK NONE UNCHANGED NONE
Impact
ConfidentialityIntegrityAvailability
HIGH HIGH HIGH
VIA4 references
cvss-vector via4
AV:N/AC:L/Au:N/C:C/I:C/A:C
cvss3-vector via4
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
msbulletin via4
bulletin_id MS16-079
bulletin_url
date 2016-06-14T00:00:00
impact Elevation of Privilege
knowledgebase_id 3160339
knowledgebase_url
severity Important
title Security Update for Microsoft Exchange Server
refmap via4
cert-vn VU#870744
confirm https://www.kb.cert.org/vuls/id/BLUU-9ZQU2R
sectrack
  • 1034552
  • 1034553
  • 1034554