Vulnerabilities > Zyxel > Nbg6604 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-14 | CVE-2023-33013 | OS Command Injection vulnerability in Zyxel Nbg6604 Firmware 1.01(Abir.1)C0 A post-authentication command injection vulnerability in the NTP feature of Zyxel NBG6604 firmware version V1.01(ABIR.1)C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request. | 8.8 |
| 2023-05-01 | CVE-2023-22919 | OS Command Injection vulnerability in Zyxel Nbg6604 Firmware 1.01(Abir.0)C0 The post-authentication command injection vulnerability in the Zyxel NBG6604 firmware version V1.01(ABIR.0)C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request. | 8.8 |
| 2021-12-29 | CVE-2021-35034 | Insufficient Session Expiration vulnerability in Zyxel Nbg6604 Firmware An insufficient session expiration vulnerability in the CGI program of the Zyxel NBG6604 firmware could allow a remote attacker to access the device if the correct token can be intercepted. | 6.4 |
| 2021-12-29 | CVE-2021-35035 | Cleartext Storage of Sensitive Information vulnerability in Zyxel Nbg6604 Firmware A cleartext storage of sensitive information vulnerability in the Zyxel NBG6604 firmware could allow a remote, authenticated attacker to obtain sensitive information from the configuration file. | 4.0 |