CVE-2008-1528
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2008-1528
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(AGD.2) through 3.40(AHQ.3), allow remote authenticated users to obtain authentication data by making direct HTTP requests and then reading the HTML source, as demonstrated by a request for (1) RemMagSNMP.html, which discloses SNMP communities; or (2) WLAN.html, which discloses WEP keys.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
ZyXEL Prestige路由器直接的HTTP请求信息泄露漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
ZyXEL Prestige路由器, 包括带有固件3.40(AGD.2)到3.40(AHQ.3)的P-660,P-661和P-662模式,远程认证用户通过先制作一个直接的HTTP请求,再读取HTML源,来获得身份认证数据。比如,对(1)RemMagSNMP.html的请求,会显示SNMP communities;对(2)WLAN.html的请求,会显示WEP keys。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2008-1528
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2008-1528
请登录查看更多情报信息。
Vendor Advisories for CVE-2008-1528 (2)
Other References for CVE-2008-1528 (2)
- http://www.procheckup.com/Hacking_ZyXEL_Gateways.pdfx_refsource_MISC
- http://www.gnucitizen.org/projects/router-hacking-challenge/x_refsource_MISC
Same Patch Batch · n/a · 2008-03-26 · 13 CVEs total
| CVE-2003-1553 | Haakon Nilsen Simple Internet Publishing System 信息泄露漏洞 | |
| CVE-2003-1554 | ScozBook 跨站脚本漏洞 | |
| CVE-2003-1555 | ScozBook 信息泄露漏洞 | |
| CVE-2008-1521 | ZyXEL Prestige路由器 管理员URIs权限许可和访问控制漏洞 | |
| CVE-2008-1522 | ZyXEL Prestige路由器P-660和P-661模式用户权限漏洞 | |
| CVE-2008-1523 | ZyXEL Prestige路由器信息动态的DNS泄露漏洞 | |
| CVE-2008-1524 | ZyXEL Prestige路由器SNMP服务器的P-660和P-661模式 system.sysName.0变量跨站脚本攻击漏洞 | |
| CVE-2008-1525 | ZyXEL Prestige路由器 IP地址欺骗漏洞 | |
| CVE-2008-1526 | ZyXEL Prestige路由器 MD5加密问题漏洞 | |
| CVE-2008-1527 | ZyXEL Prestige路由器P-660,P-661和P-662模式HTTP验证安全权限漏洞 | |
| CVE-2008-1529 | ZyXEL Prestige路由器帐户暴力破解漏洞 | |
| CVE-2008-1514 | Linux Kernel s390 ptrace 'ptrace.c' 拒绝服务漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-9422
KLiK SocialMediaWebsite HTTP POST Request Parameter injectio - CVE-2026-9421
KLiK SocialMediaWebsite File upload.inc.php uniqid unrestric - CVE-2026-9420
KLiK SocialMediaWebsite HTTP GET Request Parameter injection - CVE-2026-9376
JPress UCenter Article Submission Endpoint doWriteSave impro - CVE-2026-9373
JeecgBoot OpenAPI Endpoint call improper authentication
V. Comments for CVE-2008-1528
No comments yet