CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2025-0890

CVSS 9.8v3.1pub. 2025-02-04upd. 2025-12-15

**UNSUPPORTED WHEN ASSIGNED** Insecure default credentials for the Telnet function in the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_20170615 could allow an attacker to log in to the management interface if the administrators have the option to change the default credentials but fail to do so.

🤖 AI Analysis
How it works

Firmware in Zyxel VMG4325-B10A devices (version 1.00(AAFR.4)C0_20170615) and related models contains factory-set credentials for the Telnet service. Administrators have the technical capability to change these credentials, however, if they do not, an attacker can log into the management interface using publicly known default authentication credentials. The vulnerability is classified as CWE-287 (improper authentication) and CWE-522 (insufficiently protected credentials).

Impact

An attacker gains full access to the device's management interface via Telnet, which may lead to device takeover, modification of its configuration, breach of confidentiality and integrity of transmitted data, and potential use of the device as an entry point to the internal network.

Mitigation & patch

The manufacturer has designated these devices as independently supported (UNSUPPORTED WHEN ASSIGNED) — official patches may not be available. Default authentication credentials for Telnet functionality must be changed immediately, and ideally the Telnet service should be completely disabled and replaced with a more secure protocol (e.g., SSH). It is recommended to consider replacing devices with supported models. Detailed recommendations from the manufacturer are available in the official Zyxel security advisory from 2025-02-04.

Who is affected

Zyxel VMG4325-B10A firmware 1.00(AAFR.4)C0_20170615, Zyxel SBG3500-N000, and Zyxel VMG1312-B10A — devices designated as legacy (independently supported at the time of CVE assignment), specific firmware versions indicated in manufacturer references

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Zyxel Sbg3300 N000

    HW
    Zyxel
    wszystkie wersje
  • Zyxel Sbg3300 N000 Firmware

    OS
    Zyxel
    wszystkie wersje
  • Zyxel Sbg3300 Nb00

    HW
    Zyxel
    wszystkie wersje
  • Zyxel Sbg3300 Nb00 Firmware

    OS
    Zyxel
    wszystkie wersje
  • Zyxel Sbg3500 N000

    HW
    Zyxel
    wszystkie wersje
  • Zyxel Sbg3500 N000 Firmware

    OS
    Zyxel
    wszystkie wersje
  • Zyxel Sbg3500 Nb00

    HW
    Zyxel
    wszystkie wersje
  • Zyxel Sbg3500 Nb00 Firmware

    OS
    Zyxel
    wszystkie wersje
  • Zyxel Vmg1312 B10a

    HW
    Zyxel
    wszystkie wersje
  • Zyxel Vmg1312 B10a Firmware

    OS
    Zyxel
    wszystkie wersje
  • Zyxel Vmg1312 B10b

    HW
    Zyxel
    wszystkie wersje
  • Zyxel Vmg1312 B10b Firmware

    OS
    Zyxel
    wszystkie wersje
  • Zyxel Vmg1312 B10e

    HW
    Zyxel
    wszystkie wersje
  • Zyxel Vmg1312 B10e Firmware

    OS
    Zyxel
    wszystkie wersje
  • Zyxel Vmg3312 B10a

    HW
    Zyxel
    wszystkie wersje
  • Zyxel Vmg3312 B10a Firmware

    OS
    Zyxel
    wszystkie wersje
  • Zyxel Vmg3313 B10a

    HW
    Zyxel
    wszystkie wersje
  • Zyxel Vmg3313 B10a Firmware

    OS
    Zyxel
    wszystkie wersje
  • Zyxel Vmg3926 B10b

    HW
    Zyxel
    wszystkie wersje
  • Zyxel Vmg3926 B10b Firmware

    OS
    Zyxel
    wszystkie wersje
  • Zyxel Vmg4325 B10a

    HW
    Zyxel
    wszystkie wersje
  • Zyxel Vmg4325 B10a Firmware

    OS
    Zyxel
    wszystkie wersje
  • Zyxel Vmg4380 B10a

    HW
    Zyxel
    wszystkie wersje
  • Zyxel Vmg4380 B10a Firmware

    OS
    Zyxel
    wszystkie wersje
  • Zyxel Vmg8324 B10a

    HW
    Zyxel
    wszystkie wersje
  • Zyxel Vmg8324 B10a Firmware

    OS
    Zyxel
    wszystkie wersje
  • Zyxel Vmg8924 B10a

    HW
    Zyxel
    wszystkie wersje
  • Zyxel Vmg8924 B10a Firmware

    OS
    Zyxel
    wszystkie wersje
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2024-40890HIGH8.8⚠ KEVten sam produkt

**UNSUPPORTED WHEN ASSIGNED** A post-authentication command injection vulnerability in the CGI program of the ...

CVE-2024-40891HIGH8.8⚠ KEVten sam produkt

**UNSUPPORTED WHEN ASSIGNED** A post-authentication command injection vulnerability in the management commands...

CVE-2015-7256MEDIUM5.9ten sam produkt

ZyXEL NWA1100-N, NWA1100-NH, NWA1121-NI, NWA1123-AC, and NWA1123-NI access points; P-660HN-51, P-663HN-51, VMG...

CVE-2023-27992CRITICAL9.8⚠ KEVten sam vendor

The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AA...

CVE-2023-33009CRITICAL9.8⚠ KEVten sam vendor

A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.60 throug...