40 matches found
EUVD-2021-21682
Malware in sbrugna...
EUVD-2021-21681
Malware in sbrugna...
EUVD-2023-37202
Malicious code in bioql PyPI...
EUVD-2023-27021
Malicious code in bioql PyPI...
CVE-2023-22919
The post-authentication command injection vulnerability in the Zyxel NBG6604 firmware version V1.01ABIR.0C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request...
CVE-2023-33013
A post-authentication command injection vulnerability in the NTP feature of Zyxel NBG6604 firmware version V1.01ABIR.1C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request...
CVE-2021-35035
A cleartext storage of sensitive information vulnerability in the Zyxel NBG6604 firmware could allow a remote, authenticated attacker to obtain sensitive information from the configuration file...
CVE-2021-35034
An insufficient session expiration vulnerability in the CGI program of the Zyxel NBG6604 firmware could allow a remote attacker to access the device if the correct token can be intercepted...
The vulnerability of the Network Time Protocol determination function of the Zyxel NBG6604 switch allows a perpetrator to execute operating system commands.
The vulnerability of the Network Time Protocol NTP function of the Zyxel NBG6604 switch lies in the possibility of executing commands. Exploiting this vulnerability allows a remote attacker to execute operating system commands by sending a specially crafted HTTP request...
Zyxel NBG6604 Command Injection Vulnerability (CNVD-2023-64085)
The Zyxel NBG6604 is a dual-band wireless router from China's Hopkins Zyxel. The Zyxel NBG6604 V1.01ABIR.1C0 suffers from a command injection vulnerability that stems from a failure to properly filter constructed command special characters, commands, etc. in the NTP function. An attacker can...
CVE-2023-33013
A post-authentication command injection vulnerability in the NTP feature of Zyxel NBG6604 firmware version V1.01ABIR.1C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request...
Command injection
A post-authentication command injection vulnerability in the NTP feature of Zyxel NBG6604 firmware version V1.01ABIR.1C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request...
CVE-2023-33013
A post-authentication command injection vulnerability in the NTP feature of Zyxel NBG6604 firmware version V1.01ABIR.1C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request...
CVE-2023-33013
A post-authentication command injection vulnerability in the NTP feature of Zyxel NBG6604 firmware version V1.01ABIR.1C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request...
CVE-2023-33013
CVE-2023-33013 affects Zyxel NBG6604 firmware V1.01(ABIR.1)C0, where a post-authentication command injection in the NTP feature could let an authenticated attacker remotely execute OS commands by sending a crafted HTTP request. Root cause described as insufficient input handling/filtering in the ...
PT-2023-4362 · Zyxel · Zyxel Nbg6604
Name of the Vulnerable Software and Affected Versions: Zyxel NBG6604 firmware version V1.01ABIR.1C0 Description: A post-authentication command injection vulnerability in the NTP feature could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request...
Zyxel NBG6604 操作系统命令注入漏洞
The Zyxel NBG6604 is a dual-band wireless router from China's Hopkins Zyxel. The Zyxel NBG6604 V1.01ABIR.1C0 suffers from a command injection vulnerability that stems from a failure to properly filter constructed command special characters, commands, etc. in the NTP function. An attacker can...
Zyxel NBG6604 Command Injection Vulnerability
The Zyxel NBG6604 is a dual-band wireless router from China's Hopkins Technology Zyxel. A security vulnerability exists in the Zyxel NBG6604, which can be exploited by remote attackers to submit a special request and execute arbitrary code in the system context...
CVE-2023-22919
The post-authentication command injection vulnerability in the Zyxel NBG6604 firmware version V1.01ABIR.0C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request...
CVE-2023-22919
The post-authentication command injection vulnerability in the Zyxel NBG6604 firmware version V1.01ABIR.0C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request...