CVE-2017-18368β€”Zyxel P660HN-T1A Routers Command Injection Vulnerability

PUBLISHEDvulnerability record
2023-08-07 Β· last modified June 21, 2025

Metadata

CVE ID:
CVE-2017-18368
Project:
Zyxel
Product:
P660HN-T1A Routers
Date Added:
2023-08-07
Due Date:
2023-08-28
Last Updated:
June 21, 2025

Vulnerability Name

Zyxel P660HN-T1A Routers Command Injection Vulnerability

Description

Zyxel P660HN-T1A routers contain a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user and exploited via the remote_host parameter of the ViewLog.asp page.

Known To Be Used in Ransomware Campaigns?

Ransomware Status:
Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

Related News Articles

Related Weaknesses