Vulnerabilities > Zyxel > Lte7460 M608 Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-03-16 CVE-2020-28899 Missing Authentication for Critical Function vulnerability in Zyxel products
The Web CGI Script on ZyXEL LTE4506-M606 V1.00(ABDO.2)C0 devices does not require authentication, which allows remote unauthenticated attackers (via crafted JSON action data to /cgi-bin/gui.cgi) to use all features provided by the router.
network
low complexity
zyxel CWE-306
critical
9.1