Zyxel: >> Nbg6604 Security Vulnerabilities
A post-authentication command injection vulnerability in the NTP feature of Zyxel NBG6604 firmware version V1.01(ABIR.1)C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request.
CVSS Score
8.8
EPSS Score
0.013
Published
2023-08-14
The post-authentication command injection vulnerability in the Zyxel NBG6604 firmware version V1.01(ABIR.0)C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request.
CVSS Score
8.8
EPSS Score
0.01
Published
2023-05-01
An insufficient session expiration vulnerability in the CGI program of the Zyxel NBG6604 firmware could allow a remote attacker to access the device if the correct token can be intercepted.
CVSS Score
7.4
EPSS Score
0.003
Published
2021-12-29
A cleartext storage of sensitive information vulnerability in the Zyxel NBG6604 firmware could allow a remote, authenticated attacker to obtain sensitive information from the configuration file.
CVSS Score
4.9
EPSS Score
0.001
Published
2021-12-29