CVEs-PoC/2016/CVE-2016-10401.md

### [CVE-2016-10401](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10401)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

ZyXEL PK5001Z devices have zyad5001 as the su password, which makes it easier for remote attackers to obtain root access if a non-root account password is known (or a non-root default account exists within an ISP's deployment of these devices).

### POC

#### Reference
- https://www.exploit-db.com/exploits/43105/

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/AnonOpsVN24/Aon-Sploit
- https://github.com/oxagast/oxasploits