VYPR

NBG6604

by Zyxel

CVEs (4)

  • CVE-2023-33013Aug 14, 2023
    risk 0.00cvss epss 0.01

    A post-authentication command injection vulnerability in the NTP feature of Zyxel NBG6604 firmware version V1.01(ABIR.1)C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request.

  • CVE-2023-22919May 1, 2023
    risk 0.00cvss epss 0.02

    The post-authentication command injection vulnerability in the Zyxel NBG6604 firmware version V1.01(ABIR.0)C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request.

  • CVE-2021-35035Dec 29, 2021
    risk 0.00cvss epss 0.01

    A cleartext storage of sensitive information vulnerability in the Zyxel NBG6604 firmware could allow a remote, authenticated attacker to obtain sensitive information from the configuration file.

  • CVE-2021-35034Dec 29, 2021
    risk 0.00cvss epss 0.01

    An insufficient session expiration vulnerability in the CGI program of the Zyxel NBG6604 firmware could allow a remote attacker to access the device if the correct token can be intercepted.