Zyxel

Nbg6604 Firmware

4 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2023-33013

  • EPSS 1.27%
  • Published 14.08.2023 17:15:10
  • Last modified 21.11.2024 08:04:24

A post-authentication command injection vulnerability in the NTP feature of Zyxel NBG6604 firmware version V1.01(ABIR.1)C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request.

8.8

CVE-2023-22919

  • EPSS 1.02%
  • Published 01.05.2023 17:15:09
  • Last modified 21.11.2024 07:45:39

The post-authentication command injection vulnerability in the Zyxel NBG6604 firmware version V1.01(ABIR.0)C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request.

9.1

CVE-2021-35034

  • EPSS 0.27%
  • Published 29.12.2021 13:15:07
  • Last modified 21.11.2024 06:11:43

An insufficient session expiration vulnerability in the CGI program of the Zyxel NBG6604 firmware could allow a remote attacker to access the device if the correct token can be intercepted.

6.5

CVE-2021-35035

  • EPSS 0.07%
  • Published 29.12.2021 13:15:07
  • Last modified 21.11.2024 06:11:43

A cleartext storage of sensitive information vulnerability in the Zyxel NBG6604 firmware could allow a remote, authenticated attacker to obtain sensitive information from the configuration file.