CVE-2004-1540

ZyXEL Prestige 623, 650, 652 - Unauthenticated Configuration Reset via rpFWUpload.html

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-1540. PoCs published by Francisco Canela.

AI-analyzed exploit summary This is a writeup describing an authentication bypass vulnerability in ZyXEL Prestige routers. The vulnerability allows unauthenticated access to a configuration page, enabling an attacker to reset the router's configuration.

Description

ZyXEL Prestige 623, 650, and 652 HW Routers, and possibly other versions, with HTTP Remote Administration enabled, does not require a password to access rpFWUpload.html, which allows remote attackers to reset the router configuration file.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Francisco Canela · textremotehardware
https://www.exploit-db.com/exploits/24760

This is a writeup describing an authentication bypass vulnerability in ZyXEL Prestige routers. The vulnerability allows unauthenticated access to a configuration page, enabling an attacker to reset the router's configuration.

Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: ZyXEL Prestige router series (firmware unspecified)
No auth needed
Prerequisites: Network access to the router's web interface
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7
Core References
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=110116413414615&w=2
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/12108
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/11723
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/13278
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/18202
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=110135136811344&w=2
Exploit vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1012298

Scores

EPSS 0.0657
EPSS Percentile 93.0%

Details

Status published
Products (8)
zyxel/prestige 645r_a1
zyxel/prestige 650h
zyxel/prestige 650hw
zyxel/prestige 650hw_31
zyxel/prestige 650r
zyxel/zynos 3.40
zyxel/zynos is.3
zyxel/zynos is.5
Published Dec 31, 2004
Tracked Since Feb 18, 2026