Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-33013 | 1 Zyxel | 2 Nbg6604, Nbg6604 Firmware | 2023-12-10 | N/A | 8.8 HIGH |
| A post-authentication command injection vulnerability in the NTP feature of Zyxel NBG6604 firmware version V1.01(ABIR.1)C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request. | |||||
| CVE-2023-22919 | 1 Zyxel | 2 Nbg6604, Nbg6604 Firmware | 2023-12-10 | N/A | 8.8 HIGH |
| The post-authentication command injection vulnerability in the Zyxel NBG6604 firmware version V1.01(ABIR.0)C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request. | |||||
| CVE-2021-35034 | 1 Zyxel | 2 Nbg6604, Nbg6604 Firmware | 2023-12-10 | 6.4 MEDIUM | 9.1 CRITICAL |
| An insufficient session expiration vulnerability in the CGI program of the Zyxel NBG6604 firmware could allow a remote attacker to access the device if the correct token can be intercepted. | |||||
| CVE-2021-35035 | 1 Zyxel | 2 Nbg6604, Nbg6604 Firmware | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| A cleartext storage of sensitive information vulnerability in the Zyxel NBG6604 firmware could allow a remote, authenticated attacker to obtain sensitive information from the configuration file. | |||||