Vulnerabilities (CVE)

Filtered by vendor Zyxel Subscribe
Filtered by product Nbg6604 Firmware
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-33013 1 Zyxel 2 Nbg6604, Nbg6604 Firmware 2024-11-21 N/A 8.8 HIGH
A post-authentication command injection vulnerability in the NTP feature of Zyxel NBG6604 firmware version V1.01(ABIR.1)C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request.
CVE-2023-22919 1 Zyxel 2 Nbg6604, Nbg6604 Firmware 2024-11-21 N/A 8.8 HIGH
The post-authentication command injection vulnerability in the Zyxel NBG6604 firmware version V1.01(ABIR.0)C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request.
CVE-2021-35035 1 Zyxel 2 Nbg6604, Nbg6604 Firmware 2024-11-21 4.0 MEDIUM 4.9 MEDIUM
A cleartext storage of sensitive information vulnerability in the Zyxel NBG6604 firmware could allow a remote, authenticated attacker to obtain sensitive information from the configuration file.
CVE-2021-35034 1 Zyxel 2 Nbg6604, Nbg6604 Firmware 2024-11-21 6.4 MEDIUM 7.4 HIGH
An insufficient session expiration vulnerability in the CGI program of the Zyxel NBG6604 firmware could allow a remote attacker to access the device if the correct token can be intercepted.