CVE-2019-15803
Summary
| CVE | CVE-2019-15803 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-11-14 21:15:00 UTC |
| Updated | 2020-08-24 17:37:00 UTC |
| Description | An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. Through an undocumented sequence of keypresses, undocumented functionality is triggered. A diagnostics shell is triggered via CTRL-ALT-t, which prompts for the password returned by fds_sys_passDebugPasswd_ret(). The firmware contains access control checks that determine if remote users are allowed to access this functionality. The function that performs this check (fds_sys_remoteDebugEnable_ret in libfds.so) always return TRUE with no actual checks performed. The diagnostics menu allows for reading/writing arbitrary registers and various other configuration parameters which are believed to be related to the network interface chips. |
Risk And Classification
Problem Types: CWE-287
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Zyxel | Gs1900-10hp | - | All | All | All |
| Hardware | Zyxel | Gs1900-10hp | - | All | All | All |
| Operating System | Zyxel | Gs1900-10hp Firmware | All | All | All | All |
| Operating System | Zyxel | Gs1900-10hp Firmware | All | All | All | All |
| Hardware | Zyxel | Gs1900-16 | - | All | All | All |
| Hardware | Zyxel | Gs1900-16 | - | All | All | All |
| Operating System | Zyxel | Gs1900-16 Firmware | All | All | All | All |
| Operating System | Zyxel | Gs1900-16 Firmware | All | All | All | All |
| Hardware | Zyxel | Gs1900-24 | - | All | All | All |
| Hardware | Zyxel | Gs1900-24 | - | All | All | All |
| Hardware | Zyxel | Gs1900-24e | - | All | All | All |
| Hardware | Zyxel | Gs1900-24e | - | All | All | All |
| Operating System | Zyxel | Gs1900-24e Firmware | All | All | All | All |
| Operating System | Zyxel | Gs1900-24e Firmware | All | All | All | All |
| Hardware | Zyxel | Gs1900-24hp | - | All | All | All |
| Hardware | Zyxel | Gs1900-24hp | - | All | All | All |
| Operating System | Zyxel | Gs1900-24hp Firmware | All | All | All | All |
| Operating System | Zyxel | Gs1900-24hp Firmware | All | All | All | All |
| Operating System | Zyxel | Gs1900-24 Firmware | All | All | All | All |
| Operating System | Zyxel | Gs1900-24 Firmware | All | All | All | All |
| Hardware | Zyxel | Gs1900-48 | - | All | All | All |
| Hardware | Zyxel | Gs1900-48 | - | All | All | All |
| Hardware | Zyxel | Gs1900-48hp | - | All | All | All |
| Hardware | Zyxel | Gs1900-48hp | - | All | All | All |
| Operating System | Zyxel | Gs1900-48hp Firmware | All | All | All | All |
| Operating System | Zyxel | Gs1900-48hp Firmware | All | All | All | All |
| Operating System | Zyxel | Gs1900-48 Firmware | All | All | All | All |
| Operating System | Zyxel | Gs1900-48 Firmware | All | All | All | All |
| Hardware | Zyxel | Gs1900-8 | - | All | All | All |
| Hardware | Zyxel | Gs1900-8 | - | All | All | All |
| Hardware | Zyxel | Gs1900-8hp | - | All | All | All |
| Hardware | Zyxel | Gs1900-8hp | - | All | All | All |
| Operating System | Zyxel | Gs1900-8hp Firmware | All | All | All | All |
| Operating System | Zyxel | Gs1900-8hp Firmware | All | All | All | All |
| Operating System | Zyxel | Gs1900-8 Firmware | All | All | All | All |
| Operating System | Zyxel | Gs1900-8 Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Exploring Zyxel GS1900 firmware with Ghidra - [ jasper.la ] | MISC | jasper.la | Exploit, Third Party Advisory |
| Zyxel security advisory for GS1900 switch vulnerabilities | Zyxel | CONFIRM | www.zyxel.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.