Vulnerabilities > Zyxel > P 330W Router

DATE CVE VULNERABILITY TITLE RISK
2011-11-22 CVE-2011-4504 Configuration vulnerability in multiple products
The UPnP IGD implementation in the Pseudo ICS UPnP software on the ZyXEL P-330W allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability.
network
low complexity
genmei-mori zyxel CWE-16
7.5
7.5
2009-09-10 CVE-2007-6730 Cross-Site Request Forgery (CSRF) vulnerability in Zyxel P-330W Router
Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in the ZyXEL P-330W router allow remote attackers to hijack the authentication of administrators for requests that (1) enable remote router management via goform/formRmtMgt or (2) modify the administrator password via goform/formPasswordSetup.
network
zyxel CWE-352
critical
 9.3
9.3
2009-09-10 CVE-2007-6729 Cross-Site Scripting vulnerability in Zyxel P-330W Router
Cross-site scripting (XSS) vulnerability in the web management interface in the ZyXEL P-330W router allows remote attackers to inject arbitrary web script or HTML via the pingstr parameter and other unspecified vectors.
network
zyxel CWE-79
4.3
4.3