VYPR
Unrated severityNVD Advisory· Published Feb 22, 2022· Updated Aug 3, 2024

CVE-2021-4030

CVE-2021-4030

Description

A cross-site request forgery vulnerability in the HTTP daemon of the Zyxel ARMOR Z1/Z2 firmware could allow an attacker to execute arbitrary commands if they coerce or trick a local user to visit a compromised website with malicious scripts.

Affected products

4
  • Zyxel/ARMOR Z1llm-fuzzy
  • Zyxel/ARMOR Z2llm-fuzzy
  • Zyxel/ARMOR Z1 (NBG6816) firmwarev5
    Range: 1.00(AAWB.10)C0
  • Zyxel/ARMOR Z2 (NBG6817) firmwarev5
    Range: 1.00(ABCS.10)C0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.