CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-14893

A system command injection vulnerability in zyshclient in ZyXEL NSA325 V2 version 4.81 allows attackers to execute system commands via the web application API.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.117

EPSS Ranking 93.3%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 9.0

References

https://blog.securityevaluators.com/ise-labs-finds-vulnerabilities-in-zyxel-nsa325-945481a699b8
https://blog.securityevaluators.com/ise-labs-finds-vulnerabilities-in-zyxel-nsa325-945481a699b8

Products affected by CVE-2018-14893

Zyxel » Nsa325 V2 » Version: N/A

cpe:2.3:h:zyxel:nsa325_v2:-
Zyxel » Nsa325 V2 Firmware » Version: 4.81

cpe:2.3:o:zyxel:nsa325_v2_firmware:4.81

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-14893

Products

Pricing

Contact Us