Vulnerabilities > Zyxel > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-12-31 | CVE-2015-7284 | Cross-Site Request Forgery (CSRF) vulnerability in Zyxel Nbg-418N and Nbg-418N Firmware Cross-site request forgery (CSRF) vulnerability on ZyXEL NBG-418N devices with firmware 1.00(AADZ.3)C0 allows remote attackers to hijack the authentication of arbitrary users. | 8.0 |
| 2015-12-31 | CVE-2015-7283 | Credentials Management vulnerability in Zyxel Nbg-418N Firmware 1.00(Aadz.3)C0 The web administration interface on ZyXEL NBG-418N devices with firmware 1.00(AADZ.3)C0 has a default password of 1234 for the admin account, which allows remote attackers to obtain administrative privileges by leveraging a LAN session. | 8.1 |
| 2015-12-31 | CVE-2015-6020 | Permissions, Privileges, and Access Controls vulnerability in Zyxel Pmg5318-B20A Firmware V100Aanc0B5 ZyXEL PMG5318-B20A devices with firmware 1.00AANC0b5 allow remote authenticated users to obtain administrative privileges by leveraging access to the user account. | 8.0 |
| 2015-12-31 | CVE-2015-6019 | Unspecified vulnerability in Zyxel Pmg5318-B20A Firmware V100Aanc0B5 The management portal on ZyXEL PMG5318-B20A devices with firmware 1.00AANC0b5 does not terminate sessions upon a logout action, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation. | 8.5 |
| 2008-03-26 | CVE-2008-1526 | Use of Password Hash With Insufficient Computational Effort vulnerability in Zyxel products ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(PE9) and 3.40(AGD.2) through 3.40(AHQ.3), do not use a salt when calculating an MD5 password hash, which makes it easier for attackers to crack passwords. | 7.5 |