Vulnerability Details CVE-2014-0356
The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 allows remote attackers to execute arbitrary code via shell metacharacters in input to the (1) detectWeather, (2) set_language, (3) SystemCommand, or (4) NTPSyncWithHost function in management.c, or a (5) SET COUNTRY, (6) SET WLAN SSID, (7) SET WLAN CHANNEL, (8) SET WLAN STATUS, or (9) SET WLAN COUNTRY udps command.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.6%
CVSS Severity
CVSS v2 Score 7.9
Products affected by CVE-2014-0356
-
cpe:2.3:h:zyxel:n300_netusb_nbg-419n:-
-
cpe:2.3:o:zyxel:n300_netusb_nbg-419n_firmware:1.00(bfq_6)c0