VAR-200408-0066
Vulnerability from variot - Updated: 2025-04-03 22:41Zoom X3 ADSL modem has a terminal running on port 254 that can be accessed using the default HTML management password, even if the password has been changed for the HTTP interface, which could allow remote attackers to gain unauthorized access. Zoom Model 5560 X3 is an EHTERNET ADSL modem.
The Zoom Model 5560 X3 has a default backdoor account, and remote attackers can use this vulnerability to control this device. Attackers can use this vulnerability to control the device. A remote attacker can gain unauthorized access to the vulnerable appliance and then carry out other attacks against the users of the network
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200408-0066",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "model 5560 x3 ethernet adsl modem",
"scope": "eq",
"trust": 1.0,
"vendor": "zoom",
"version": "*"
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "none",
"version": null
},
{
"model": "model 5560 x3 ethernet adsl modem",
"scope": null,
"trust": 0.6,
"vendor": "zoom",
"version": null
},
{
"model": "model ethernet adsl modem",
"scope": "eq",
"trust": 0.3,
"vendor": "zoom",
"version": "5560x3"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2004-1949"
},
{
"db": "BID",
"id": "10669"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-090"
},
{
"db": "NVD",
"id": "CVE-2004-0680"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adam Laurie\u203b adam@algroup.co.uk",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200408-090"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0680",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2004-0680",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-9110",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2004-0680",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200408-090",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-9110",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9110"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-090"
},
{
"db": "NVD",
"id": "CVE-2004-0680"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Zoom X3 ADSL modem has a terminal running on port 254 that can be accessed using the default HTML management password, even if the password has been changed for the HTTP interface, which could allow remote attackers to gain unauthorized access. Zoom Model 5560 X3 is an EHTERNET ADSL modem. \n\r\n\r\n The Zoom Model 5560 X3 has a default backdoor account, and remote attackers can use this vulnerability to control this device. Attackers can use this vulnerability to control the device. \nA remote attacker can gain unauthorized access to the vulnerable appliance and then carry out other attacks against the users of the network",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0680"
},
{
"db": "CNVD",
"id": "CNVD-2004-1949"
},
{
"db": "BID",
"id": "10669"
},
{
"db": "VULHUB",
"id": "VHN-9110"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2004-0680",
"trust": 2.6
},
{
"db": "BID",
"id": "10669",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200408-090",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2004-1949",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20040706 BACKDOOR MENU ON CONEXANT CHIPSET DSL ROUTER (ZOOM X3)",
"trust": 0.6
},
{
"db": "XF",
"id": "16639",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-9110",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2004-1949"
},
{
"db": "VULHUB",
"id": "VHN-9110"
},
{
"db": "BID",
"id": "10669"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-090"
},
{
"db": "NVD",
"id": "CVE-2004-0680"
}
]
},
"id": "VAR-200408-0066",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9110"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:41:52.502000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0680"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/10669"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16639"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=108915255520924\u0026w=2"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/16639"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=108915255520924\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.zoom.com/"
},
{
"trust": 0.3,
"url": "/archive/1/368118"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=108915255520924\u0026amp;w=2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9110"
},
{
"db": "BID",
"id": "10669"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-090"
},
{
"db": "NVD",
"id": "CVE-2004-0680"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2004-1949"
},
{
"db": "VULHUB",
"id": "VHN-9110"
},
{
"db": "BID",
"id": "10669"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-090"
},
{
"db": "NVD",
"id": "CVE-2004-0680"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-07-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2004-1949"
},
{
"date": "2004-08-06T00:00:00",
"db": "VULHUB",
"id": "VHN-9110"
},
{
"date": "2004-07-06T00:00:00",
"db": "BID",
"id": "10669"
},
{
"date": "2004-07-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200408-090"
},
{
"date": "2004-08-06T04:00:00",
"db": "NVD",
"id": "CVE-2004-0680"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2004-1949"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9110"
},
{
"date": "2009-07-12T06:16:00",
"db": "BID",
"id": "10669"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200408-090"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2004-0680"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200408-090"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Zoom Model 5560 X3 Ethernet ADSL Modem default backdoor account vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2004-1949"
},
{
"db": "BID",
"id": "10669"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-090"
}
],
"trust": 1.5
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "10669"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-090"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…