Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2023-64085
HistoryAug 16, 2023 - 12:00 a.m.

Zyxel NBG6604 Command Injection Vulnerability (CNVD-2023-64085)

2023-08-1600:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
zyxel
nbg6604
command injection
vulnerability
china
hopkins
wireless router
ntp function
remote execution
http request
operating system commands

0.001 Low

EPSS

Percentile

22.0%

JSON

The Zyxel NBG6604 is a dual-band wireless router from China’s Hopkins (Zyxel). The Zyxel NBG6604 V1.01(ABIR.1)C0 suffers from a command injection vulnerability that stems from a failure to properly filter constructed command special characters, commands, etc. in the NTP function. An attacker can exploit this vulnerability to remotely execute certain operating system commands by sending a crafted HTTP request.

Related

cve 1
nvd 1
cvelist 1
prion 1
cve
cve
CVE-2023-33013
2023-08-14 17:15:10
nvd
nvd
CVE-2023-33013
2023-08-14 17:15:10
cvelist
cvelist
CVE-2023-33013
2023-08-14 16:16:32
prion
prion
Command injection
2023-08-14 17:15:00

0.001 Low

EPSS

Percentile

22.0%

JSON
Related for CNVD-2023-64085
cve1nvd1cvelist1prion1