A cross-site request forgery vulnerability in the HTTP daemon of the Zyxel ARMOR Z1/Z2 firmware could allow an attacker to execute arbitrary commands if they coerce or trick a local user to visit a compromised website with malicious scripts.
CPE | Name | Operator | Version |
---|---|---|---|
nbg6816_firmware | eq | 1.0.0-aawb.10-c0 | |
nbg6817_firmware | eq | < 1.0abcs.11c0 |