Primary

Context

PLANEX MZK-DP300N Hard-Coded Credentials Vulnerability Allowing Arbitrary Command Execution via Telnet

Vulnerability

Patched

A vulnerability exists in the PLANEX MZK-DP300N router, all versions through 1.07, due to the use of hard-coded credentials. This vulnerability may allow an attacker within the local network to log into the device via Telnet and execute arbitrary commands.

Impact

Exploitation of this vulnerability could lead to unauthorized access to the device via Telnet, allowing the execution of arbitrary commands on the router.

Remediation

Users are advised to update the firmware to the latest version, 1.08, which addresses this vulnerability.

Added: Oct 28, 2025, 5:17 AM

Updated: Oct 28, 2025, 5:17 AM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

7.5

exploitability

4.9

remediation

7.7

relevance

0.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

7.5

exploitability

4.9

remediation

7.7

relevance

0.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

PLANEX MZK-DP300N Hard-Coded Credentials Vulnerability Allowing Arbitrary Command Execution via Telnet

Vulnerability

Impact

Remediation

Affected Products

PLANEX MZK-DP300N

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating