Lucene search
+L

68 matches found

nvd
nvd
added 2014/04/15 10:55 a.m.18 views

CVE-2014-0353

The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00BFQ.6C0 allows remote attackers to bypass authentication by using %2F sequences in place of / slash characters...

6.1CVSS7AI score0.00864EPSS
Exploits0References1
prion
prion
added 2014/04/15 10:55 a.m.17 views

Authentication flaw

The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00BFQ.6C0 allows remote attackers to bypass authentication by using %2F sequences in place of / slash characters...

6.1CVSS7.6AI score0.00864EPSS
Exploits0References1Affected Software1
prion
prion
added 2014/04/15 10:55 a.m.23 views

Stack overflow

Multiple stack-based buffer overflows on the ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00BFQ.6C0 allow man-in-the-middle attackers to execute arbitrary code via 1 a long temp attribute in a yweather:condition element in a forecastrss file that is processed by the checkWeather...

7.9CVSS8.3AI score0.00612EPSS
Exploits0References1Affected Software1
prion
prion
added 2014/04/15 10:55 a.m.19 views

Command injection

The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00BFQ.6C0 allows remote attackers to execute arbitrary code via shell metacharacters in input to the 1 detectWeather, 2 setlanguage, 3 SystemCommand, or 4 NTPSyncWithHost function in management.c, or a 5 SET COUNTRY, 6 SET WLAN SSID, ...

7.9CVSS8.4AI score0.01146EPSS
Exploits0References1Affected Software1
cve
cve
added 2014/04/15 10:0 a.m.44 views

CVE-2014-0354

The CVE-2014-0354 entry concerns ZyXEL Wireless N300 NetUSB NBG-419N routers with firmware 1.00(BFQ.6)C0 that have a hardcoded password (qweasdzxc) used to login to index.asp via HTTP, enabling a remote attacker on the LAN to obtain login access. The linked NVD record confirms the issue and its i...

7.8CVSS7.2AI score0.00757EPSS
Exploits0References1Affected Software2
cvelist
cvelist
added 2014/04/15 10:0 a.m.25 views

CVE-2014-0354

The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00BFQ.6C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login access via an HTTP request...

7AI score0.00757EPSS
Exploits0References1
cve
cve
added 2014/04/15 10:0 a.m.41 views

CVE-2014-0353

The ZyXEL Wireless N300 NetUSB NBG-419N router (firmware 1.00(BFQ.6)C0) is affected by CVE-2014-0353: remote attackers can bypass authentication by escaping the "/" path separator with %2F in URLs, allowing access to subdirectory content. Root cause: improper handling of URL encoding for slashes ...

6.1CVSS7.3AI score0.00864EPSS
Exploits0References1Affected Software2
cve
cve
added 2014/04/15 10:0 a.m.43 views

CVE-2014-0355

CVE-2014-0355 affects ZyXEL Wireless N300 NetUSB Router NBG-419N (firmware 1.00(BFQ.6)C0). The checkWeather function parses forecastrss and is vulnerable to a stack-based buffer overflow; WeatherCity/WeatherDegree variables in detectWeather are vulnerable to overflow; UpnpAddRunRLQoS, UpnpDeleteR...

7.9CVSS7.9AI score0.00612EPSS
Exploits0References1Affected Software2
Rows per page
Query Builder