Unrated severityNVD Advisory· Published Feb 22, 2022· Updated Aug 3, 2024
CVE-2021-4030
CVE-2021-4030
Description
A cross-site request forgery vulnerability in the HTTP daemon of the Zyxel ARMOR Z1/Z2 firmware could allow an attacker to execute arbitrary commands if they coerce or trick a local user to visit a compromised website with malicious scripts.
Affected products
4- Zyxel/ARMOR Z1 (NBG6816) firmwarev5Range: 1.00(AAWB.10)C0
- Zyxel/ARMOR Z2 (NBG6817) firmwarev5Range: 1.00(ABCS.10)C0
Patches
Vulnerability mechanics
References
1- www.zyxel.com/support/forgery-vulnerabilities-of-select-Armor-home-routers.shtmlmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.