Lucene search
+L

10 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-6774

Malware in sbrugna...

8.8CVSS8.8AI score0.00875EPSS
Exploits1References2
CNVD
CNVD
added 2018/11/29 12:0 a.m.5 views

ZyXEL NSA325 V2 Cross-Site Request Forgery Vulnerability

The ZyXEL NSA325 V2 is a network storage device from Hopkins ZyXEL Technology. A security vulnerability exists in the web application of the ZyXEL NSA325 V2 version 4.81. The vulnerability can be exploited by an attacker to perform a state change operation using a specially crafted HTTP form...

8.8CVSS6.9AI score0.00875EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/11/27 9:0 p.m.22 views

CVE-2018-14892

Missing protections against Cross-Site Request Forgery in the web application in ZyXEL NSA325 V2 version 4.81 allow attackers to perform state-changing actions via crafted HTTP forms...

8.7AI score0.00875EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/11/27 9:0 p.m.24 views

CVE-2018-14893

A system command injection vulnerability in zyshclient in ZyXEL NSA325 V2 version 4.81 allows attackers to execute system commands via the web application API...

9.1AI score0.03443EPSS
Exploits1References1
CVE
CVE
added 2018/11/27 9:0 p.m.55 views

CVE-2018-14893

CVE-2018-14893 concerns ZyXEL NSA325 V2 (firmware version 4.81) with a command injection vulnerability in the zyshclient component. The flaw permits an attacker to execute system commands via the web application API. Multiple sources (NVD, CVE records, CNVD) describe the same issue, identifying z...

9CVSS9AI score0.03443EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/11/27 8:29 p.m.17 views

CVE-2018-14892

Missing protections against Cross-Site Request Forgery in the web application in ZyXEL NSA325 V2 version 4.81 allow attackers to perform state-changing actions via crafted HTTP forms...

8.8CVSS8.7AI score0.00875EPSS
Exploits1References1
NVD
NVD
added 2018/11/27 8:29 p.m.15 views

CVE-2018-14893

A system command injection vulnerability in zyshclient in ZyXEL NSA325 V2 version 4.81 allows attackers to execute system commands via the web application API...

9CVSS9.1AI score0.03443EPSS
Exploits1References1
Prion
Prion
added 2018/11/27 8:29 p.m.13 views

Cross site request forgery (csrf)

Missing protections against Cross-Site Request Forgery in the web application in ZyXEL NSA325 V2 version 4.81 allow attackers to perform state-changing actions via crafted HTTP forms...

6.8CVSS8.6AI score0.00875EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2018/11/27 8:29 p.m.16 views

Command injection

A system command injection vulnerability in zyshclient in ZyXEL NSA325 V2 version 4.81 allows attackers to execute system commands via the web application API...

9CVSS9AI score0.03443EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2018/11/27 8:29 p.m.6 views

CVE-2018-14893

A system command injection vulnerability in zyshclient in ZyXEL NSA325 V2 version 4.81 allows attackers to execute system commands via the web application API...

8.8CVSS5.9AI score0.03443EPSS
Exploits1References1
Rows per page
Query Builder