VYPR
Unrated severityNVD Advisory· Published Apr 15, 2014· Updated Jun 17, 2026

CVE-2014-0355

CVE-2014-0355

Description

Multiple stack-based buffer overflows on the ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 allow man-in-the-middle attackers to execute arbitrary code via (1) a long temp attribute in a yweather:condition element in a forecastrss file that is processed by the checkWeather function; the (2) WeatherCity or (3) WeatherDegree variable to the detectWeather function; unspecified input to the (4) UpnpAddRunRLQoS, (5) UpnpDeleteRunRLQoS, or (6) UpnpDeletePortCheckType function; or (7) the SET COUNTRY udps command.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • cpe:2.3:h:zyxel:n300_netusb_nbg-419n:-:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:h:zyxel:n300_netusb_nbg-419n:-:*:*:*:*:*:*:*
    • cpe:2.3:o:zyxel:n300_netusb_nbg-419n_firmware:1.00\(bfq_6\)c0:*:*:*:*:*:*:*
  • Zyxel/NBG-419Nllm-fuzzy
    Range: = 1.00(BFQ.6)C0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.