theinfosecnews
theinfosecnews
Subscribe to Daily Digest

CVE-2017-18368

CISA KEV

Published August 7, 2023 · Updated April 3, 2026

high
Official Description+

Zyxel P660HN-T1A routers contain a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user and exploited via the remote_host parameter of the ViewLog.asp page.

Affected Products

VendorProduct
ZyxelP660HN-T1A Routers

Patch Status

Patch by 2023-08-28

Recommended Actions

  1. Check if your systems use any of the affected products listed above.
  2. Apply vendor patches immediately if available.
  3. This vulnerability is in CISA's Known Exploited Vulnerabilities catalog — prioritize remediation.
  4. Monitor vendor advisories for updates and additional mitigations.
  5. Review logs for indicators of compromise related to CVE-2017-18368.