8 matches found
CVE-2014-0356
The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00BFQ.6C0 allows remote attackers to execute arbitrary code via shell metacharacters in input to the 1 detectWeather, 2 setlanguage, 3 SystemCommand, or 4 NTPSyncWithHost function in management.c, or a 5 SET COUNTRY, 6 SET WLAN SSID, ...
CVE-2014-0354
The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00BFQ.6C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login access via an HTTP request...
Command injection
The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00BFQ.6C0 allows remote attackers to execute arbitrary code via shell metacharacters in input to the 1 detectWeather, 2 setlanguage, 3 SystemCommand, or 4 NTPSyncWithHost function in management.c, or a 5 SET COUNTRY, 6 SET WLAN SSID, ...
CVE-2014-0354
The CVE-2014-0354 entry concerns ZyXEL Wireless N300 NetUSB NBG-419N routers with firmware 1.00(BFQ.6)C0 that have a hardcoded password (qweasdzxc) used to login to index.asp via HTTP, enabling a remote attacker on the LAN to obtain login access. The linked NVD record confirms the issue and its i...
CVE-2014-0355
CVE-2014-0355 affects ZyXEL Wireless N300 NetUSB Router NBG-419N (firmware 1.00(BFQ.6)C0). The checkWeather function parses forecastrss and is vulnerable to a stack-based buffer overflow; WeatherCity/WeatherDegree variables in detectWeather are vulnerable to overflow; UpnpAddRunRLQoS, UpnpDeleteR...
CVE-2014-0353
The ZyXEL Wireless N300 NetUSB NBG-419N router (firmware 1.00(BFQ.6)C0) is affected by CVE-2014-0353: remote attackers can bypass authentication by escaping the "/" path separator with %2F in URLs, allowing access to subdirectory content. Root cause: improper handling of URL encoding for slashes ...
CVE-2014-0354
The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00BFQ.6C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login access via an HTTP request...
ZyXEL Wireless N300 NetUSB Router NBG-419N devices contain multiple vulnerabilities
Overview ZyXEL Wireless N300 NetUSB Router NBG-419N running firmware version 1.00BFQ.6C0, and possibly earlier versions, is susceptible to multiple vulnerabilities. Other device models that use similar firmware may also be vulnerable. Description ZyXEL Wireless N300 NetUSB Router NBG-419N running...