A pair of spare WiFi credentials is stored in the configuration file of the Zyxel AX7501-B0 firmware prior to V5.17(ABPC.3)C0 in cleartext. An unauthenticated attacker could use the credentials to access the WLAN service if the configuration file has been retrieved from the device by leveraging another known vulnerability.
History

Fri, 06 Dec 2024 07:00:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N'}

cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Zyxel

Published: 2023-01-17T00:00:00

Updated: 2024-12-06T06:45:51.695Z

Reserved: 2022-11-15T00:00:00

Link: CVE-2022-45439

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-01-17T02:15:09.427

Modified: 2024-12-06T07:15:04.680

Link: CVE-2022-45439

cve-icon Redhat

No data.