CVE-2017-7964

critical

Published 2017-04-19 · Modified 2026-05-13

CVSS v3

10.0

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CVSS v2

10.0

VIR risk

10.0

Description

Zyxel WRE6505 devices have a default TELNET password of 1234 for the root and admin accounts, which makes it easier for remote attackers to conduct DNS hijacking attacks by reconfiguring the built-in dnshijacker process.

Predictions

Exploit likelihood

98%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — https://www.oxy-gen.mobi/blog.html

References

https://www.oxy-gen.mobi/blog.html
https://www.oxy-gen.mobi/blog.html

CWEs

CWE-1188

Verify integrity in audit chain (admin only). AS-IS.