CVE-2020-29583

Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server or web interface with admin privileges.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:zyxel:usg20-vpn_firmware:4.60:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:zyxel:usg20w-vpn_firmware:4.60:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg20w-vpn:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:zyxel:usg40_firmware:4.60:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg40:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:zyxel:usg40w_firmware:4.60:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg40w:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:zyxel:usg60_firmware:4.60:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg60:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:zyxel:usg60w_firmware:4.60:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg60w:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:zyxel:usg110_firmware:4.60:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg110:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:zyxel:usg210_firmware:4.60:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg210:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:zyxel:usg310_firmware:4.60:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg310:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:zyxel:usg1100_firmware:4.60:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg1100:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:zyxel:usg1900_firmware:4.60:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg1900:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:zyxel:usg2200_firmware:4.60:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg2200:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:zyxel:zywall110_firmware:4.60:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:zywall110:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:zyxel:zywall310_firmware:4.60:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:zywall310:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:zyxel:zywall1100_firmware:4.60:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:zywall1100:-:*:*:*:*:*:*:*

History

07 Nov 2023, 03:21

Type Values Removed Values Added
References
  • {'url': 'http://ftp.zyxel.com/USG40/firmware/USG40_4.60(AALA.1)C0_2.pdf', 'name': 'http://ftp.zyxel.com/USG40/firmware/USG40_4.60(AALA.1)C0_2.pdf', 'tags': ['Vendor Advisory'], 'refsource': 'CONFIRM'}
  • () http://ftp.zyxel.com/USG40/firmware/USG40_4.60%28AALA.1%29C0_2.pdf -

28 Oct 2023, 01:15

Type Values Removed Values Added
References
  • (MISC) https://www.secpod.com/blog/a-secret-zyxel-firewall-and-ap-controllers-could-allow-for-administrative-access-cve-2020-29583/ -

12 Jul 2022, 17:42

Type Values Removed Values Added
CWE CWE-312 CWE-522

14 Jan 2021, 14:49

Type Values Removed Values Added
CVSS v2 : 2.1
v3 : 7.8
v2 : 10.0
v3 : 9.8

Information

Published : 2020-12-22 22:15

Updated : 2023-12-10 13:41


NVD link : CVE-2020-29583

Mitre link : CVE-2020-29583

CVE.ORG link : CVE-2020-29583


JSON object : View

Products Affected

zyxel

  • usg40_firmware
  • usg2200
  • usg40w_firmware
  • zywall1100
  • usg210_firmware
  • usg2200_firmware
  • usg1900_firmware
  • usg110_firmware
  • usg310
  • usg20w-vpn_firmware
  • usg40w
  • usg1100
  • zywall110_firmware
  • usg210
  • usg20-vpn_firmware
  • usg20w-vpn
  • usg60w
  • usg1100_firmware
  • usg60w_firmware
  • usg1900
  • usg60
  • usg20-vpn
  • zywall310_firmware
  • zywall1100_firmware
  • zywall110
  • usg110
  • usg40
  • usg60_firmware
  • usg310_firmware
  • zywall310
CWE
CWE-522

Insufficiently Protected Credentials