Zyxel Prestige 782R Authentication Bypass

The Zyxel Prestige 782R router (Shodan search) suffers from the RomPager /rom-0 bypass mentioned in earlier blog posts.

The router serves the /rom-0 file without requiring authentication. The file can then be reversed using available tools like the one at http://50.57.229.26/zynos.php. The first string returned is the admin password.

Ultimately this is due to the router using the RomPager server, which you can identify from the response header:

Server: ZyXEL-RomPager/3.02
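
The following is an added example, not code from the original post: a way to triage response heads saved during an audit of your own devices, flagging those that identify as RomPager and returned /rom-0 without an authentication challenge. The capture list, the addresses and the function names are constructed assumptions; only the Server value and the /rom-0 path come from the post.

```python
import re

# Constructed sample data: response heads saved while auditing devices you own.
# Addresses are documentation-range placeholders; only the Server value is from the post.
CAPTURES = [
    ("192.0.2.10", "/rom-0",
     b"HTTP/1.1 200 OK\r\nServer: ZyXEL-RomPager/3.02\r\n"
     b"Content-Type: application/octet-stream\r\n\r\n"),
    ("192.0.2.11", "/rom-0",
     b"HTTP/1.1 401 Unauthorized\r\nServer: ZyXEL-RomPager/3.02\r\n"
     b"WWW-Authenticate: Basic realm=\"router\"\r\n\r\n"),
    ("192.0.2.12", "/rom-0",
     b"HTTP/1.1 404 Not Found\r\nserver: nginx\r\n\r\n"),
]

ROMPAGER = re.compile(r"RomPager/(\d+(?:\.\d+)*)", re.IGNORECASE)


def parse_head(raw):
    """Return (status_code, headers) from a raw HTTP response head."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    lines = head.split("\r\n")
    parts = lines[0].split(" ", 2)
    if len(parts) < 2 or not parts[1].isdigit():
        raise ValueError("malformed status line: %r" % lines[0])
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:  # header names are case-insensitive, so normalise them
            headers[name.strip().lower()] = value.strip()
    return int(parts[1]), headers


def classify(host, path, raw):
    """Label one captured response: exposed, not-exposed, or not-rompager."""
    status, headers = parse_head(raw)
    match = ROMPAGER.search(headers.get("server", ""))
    if not match:
        return (host, None, "not-rompager")
    # Exposed means /rom-0 came back with 200 and no authentication challenge.
    exposed = path == "/rom-0" and status == 200 and "www-authenticate" not in headers
    return (host, match.group(1), "exposed" if exposed else "not-exposed")


def audit(captures):
    return [classify(host, path, raw) for host, path, raw in captures]


if __name__ == "__main__":
    for host, version, verdict in audit(CAPTURES):
        print(host, version or "-", verdict)
```
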
