CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-14892

Missing protections against Cross-Site Request Forgery in the web application in ZyXEL NSA325 V2 version 4.81 allow attackers to perform state-changing actions via crafted HTTP forms.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.018

EPSS Ranking 82.0%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.8

References

https://blog.securityevaluators.com/ise-labs-finds-vulnerabilities-in-zyxel-nsa325-945481a699b8
https://blog.securityevaluators.com/ise-labs-finds-vulnerabilities-in-zyxel-nsa325-945481a699b8

Products affected by CVE-2018-14892

Zyxel » Nsa325 V2 » Version: N/A

cpe:2.3:h:zyxel:nsa325_v2:-
Zyxel » Nsa325 V2 Firmware » Version: 4.81

cpe:2.3:o:zyxel:nsa325_v2_firmware:4.81

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-14892

Products

Pricing

Contact Us