Filtered by vendor Zyxel
Subscriptions
Filtered by product Nbg-418n Firmware
Subscriptions
Total
8 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-45441 | 1 Zyxel | 2 Nbg-418n, Nbg-418n Firmware | 2024-12-06 | 6.1 Medium |
A cross-site scripting (XSS) vulnerability in Zyxel NBG-418N v2 firmware versions prior to V1.00(AARP.13)C0, which could allow an attacker to store malicious scripts in the Logs page of the GUI on a vulnerable device. A successful XSS attack could force an authenticated user to execute the stored malicious scripts and then result in a denial-of-service (DoS) condition when the user visits the Logs page of the GUI on the device. | ||||
CVE-2023-22924 | 1 Zyxel | 2 Nbg-418n, Nbg-418n Firmware | 2024-11-21 | 4.9 Medium |
A buffer overflow vulnerability in the Zyxel NBG-418N v2 firmware versions prior to V1.00(AARP.14)C0 could allow a remote authenticated attacker with administrator privileges to cause denial-of-service (DoS) conditions by executing crafted CLI commands on a vulnerable device. | ||||
CVE-2023-22923 | 1 Zyxel | 2 Nbg-418n, Nbg-418n Firmware | 2024-11-21 | 6.5 Medium |
A format string vulnerability in a binary of the Zyxel NBG-418N v2 firmware versions prior to V1.00(AARP.14)C0 could allow a remote authenticated attacker to cause denial-of-service (DoS) conditions on an affected device. | ||||
CVE-2023-22922 | 1 Zyxel | 2 Nbg-418n, Nbg-418n Firmware | 2024-11-21 | 7.5 High |
A buffer overflow vulnerability in the Zyxel NBG-418N v2 firmware versions prior to V1.00(AARP.14)C0 could allow a remote unauthenticated attacker to cause DoS conditions by sending crafted packets if Telnet is enabled on a vulnerable device. | ||||
CVE-2023-22921 | 1 Zyxel | 2 Nbg-418n, Nbg-418n Firmware | 2024-11-21 | 7.5 High |
A cross-site scripting (XSS) vulnerability in the Zyxel NBG-418N v2 firmware versions prior to V1.00(AARP.14)C0 could allow a remote authenticated attacker with administrator privileges to store malicious scripts using a web management interface parameter, resulting in denial-of-service (DoS) conditions on an affected device. | ||||
CVE-2019-6710 | 1 Zyxel | 2 Nbg-418n, Nbg-418n Firmware | 2024-11-21 | N/A |
Zyxel NBG-418N v2 v1.00(AAXM.4)C0 devices allow login.cgi CSRF. | ||||
CVE-2015-7284 | 1 Zyxel | 2 Nbg-418n, Nbg-418n Firmware | 2024-11-21 | N/A |
Cross-site request forgery (CSRF) vulnerability on ZyXEL NBG-418N devices with firmware 1.00(AADZ.3)C0 allows remote attackers to hijack the authentication of arbitrary users. | ||||
CVE-2015-7283 | 1 Zyxel | 2 Nbg-418n, Nbg-418n Firmware | 2024-11-21 | N/A |
The web administration interface on ZyXEL NBG-418N devices with firmware 1.00(AADZ.3)C0 has a default password of 1234 for the admin account, which allows remote attackers to obtain administrative privileges by leveraging a LAN session. |
Page 1 of 1.