A command injection vulnerability in the web interface of the Zyxel NWA-1100-NH firmware could allow an attacker to execute arbitrary OS commands on the device.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HZyxel Nwa1100 Nh
HWZyxelwszystkie wersjeZyxel Nwa1100 Nh Firmware
OSZyxel< 2.12\(aasi.3\)c0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Command Injection
Powiązane podatności
CVE-2015-7256MEDIUM5.9ten sam produkt
ZyXEL NWA1100-N, NWA1100-NH, NWA1121-NI, NWA1123-AC, and NWA1123-NI access points; P-660HN-51, P-663HN-51, VMG...
CVE-2023-27992CRITICAL9.8⚠ KEVten sam vendor
The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AA...
CVE-2023-33009CRITICAL9.8⚠ KEVten sam vendor
A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.60 throug...
CVE-2023-33010CRITICAL9.8⚠ KEVten sam vendor
A buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions 4.32 throu...
CVE-2023-28771CRITICAL9.8⚠ KEVten sam vendor
Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series fir...