Vulnerabilities > Zyxel > Nbg6604 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-05-01 CVE-2023-22919 OS Command Injection vulnerability in Zyxel Nbg6604 Firmware 1.01(Abir.0)C0
The post-authentication command injection vulnerability in the Zyxel NBG6604 firmware version V1.01(ABIR.0)C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request.
network
low complexity
zyxel CWE-78
8.8
2021-12-29 CVE-2021-35034 Insufficient Session Expiration vulnerability in Zyxel Nbg6604 Firmware
An insufficient session expiration vulnerability in the CGI program of the Zyxel NBG6604 firmware could allow a remote attacker to access the device if the correct token can be intercepted.
network
low complexity
zyxel CWE-613
critical
9.1
2021-12-29 CVE-2021-35035 Cleartext Storage of Sensitive Information vulnerability in Zyxel Nbg6604 Firmware
A cleartext storage of sensitive information vulnerability in the Zyxel NBG6604 firmware could allow a remote, authenticated attacker to obtain sensitive information from the configuration file.
network
low complexity
zyxel CWE-312
6.5