3 matches found
CVE-2020-28899
The Web CGI Script on ZyXEL LTE4506-M606 V1.00ABDO.2C0 devices does not require authentication, which allows remote unauthenticated attackers via crafted JSON action data to /cgi-bin/gui.cgi to use all features provided by the router. Examples: change the router password, retrieve the Wi-Fi...
CVE-2020-28899
The Web CGI Script on ZyXEL LTE4506-M606 V1.00ABDO.2C0 devices does not require authentication, which allows remote unauthenticated attackers via crafted JSON action data to /cgi-bin/gui.cgi to use all features provided by the router. Examples: change the router password, retrieve the Wi-Fi...
CVE-2020-28899
The CVE-2020-28899 entry concerns ZyXEL LTE4506-M606 devices (V1.00(ABDO.2)C0) where the Web CGI Script at /cgi-bin/gui.cgi does not require authentication. This allows remote, unauthenticated attackers to access all router features, including changing the admin password, retrieving the Wi‑Fi pas...