An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. Through an undocumented sequence of keypresses, undocumented functionality is triggered. A diagnostics shell is triggered via CTRL-ALT-t, which prompts for the password returned by fds_sys_passDebugPasswd_ret(). The firmware contains access control checks that determine if remote users are allowed to access this functionality. The function that performs this check (fds_sys_remoteDebugEnable_ret in libfds.so) always return TRUE with no actual checks performed. The diagnostics menu allows for reading/writing arbitrary registers and various other configuration parameters which are believed to be related to the network interface chips.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-11-14T20:15:56

Updated: 2024-08-05T00:56:22.468Z

Reserved: 2019-08-29T00:00:00

Link: CVE-2019-15803

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-11-14T21:15:11.890

Modified: 2024-11-21T04:29:29.943

Link: CVE-2019-15803

cve-icon Redhat

No data.