Nbg6604 Firmware

nbg6604_firmware

Vendor: Zyxel • 4 CVEs

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-33013 1Zyxel 1Nbg6604 Firmware Nov 21, 2024 Aug 14, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 A post-authentication command injection vulnerability in the NTP feature of Zyxel NBG6604 firmware version V1.01(ABIR.1)C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted H...Show more A post-authentication command injection vulnerability in the NTP feature of Zyxel NBG6604 firmware version V1.01(ABIR.1)C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request.Show less
CVE-2023-22919 1Zyxel 1Nbg6604 Firmware Nov 21, 2024 May 1, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 The post-authentication command injection vulnerability in the Zyxel NBG6604 firmware version V1.01(ABIR.0)C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request.
CVE-2021-35035 1Zyxel 1Nbg6604 Firmware Nov 21, 2024 Dec 29, 2021 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 A cleartext storage of sensitive information vulnerability in the Zyxel NBG6604 firmware could allow a remote, authenticated attacker to obtain sensitive information from the configuration file.
CVE-2021-35034 1Zyxel 1Nbg6604 Firmware Nov 21, 2024 Dec 29, 2021 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 An insufficient session expiration vulnerability in the CGI program of the Zyxel NBG6604 firmware could allow a remote attacker to access the device if the correct token can be intercepted.