PT-2014-3584 · Zyxel · Zyxel Wireless N300 Netusb Nbg-419N

Published 2014-04-15 · Updated 2014-04-15 · CVE-2014-0355

CVSS v2.0: 7.9 High

Vector: AV:A/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

ZyXEL Wireless N300 NetUSB NBG-419N router version 1.00(BFQ.6)C0

Description

The issue allows man-in-the-middle attackers to execute arbitrary code. This can be achieved via a long temp attribute in a yweather:condition element in a forecastrss file processed by the checkWeather function, or through the WeatherCity or WeatherDegree variable passed to the detectWeather function. Additionally, unspecified input to the UpnpAddRunRLQoS, UpnpDeleteRunRLQoS, or UpnpDeletePortCheckType function, or to the SET COUNTRY udps command, can also lead to exploitation.

Recommendations

For ZyXEL Wireless N300 NetUSB NBG-419N router version 1.00(BFQ.6)C0, consider disabling the checkWeather function, restricting input to the detectWeather function for the WeatherCity and WeatherDegree variables, and limiting access to the UpnpAddRunRLQoS, UpnpDeleteRunRLQoS, and UpnpDeletePortCheckType functions, as well as the SET COUNTRY udps command, until a patch is available.
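
The first vector in the description is a temp attribute that is longer than the code reading it expects. The following is an added example, not code from the ZyXEL firmware or from this advisory: it shows a length-checked way to read that attribute. The function name parse_condition_temp, the 4-character bound, the -150..150 range and the sample feed line are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define TEMP_MAX_LEN 4   /* assumed bound: optional sign plus three digits */

/* Hypothetical helper: reads temp="..." from the first yweather:condition
 * element. Returns 0 and stores the value on success, -1 on malformed or
 * over-long input. Nothing is copied before its length has been checked. */
int parse_condition_temp(const char *xml, int *out)
{
    static const char elem[] = "<yweather:condition";
    static const char attr[] = " temp=\"";
    char buf[TEMP_MAX_LEN + 1];

    const char *start = strstr(xml, elem);
    if (!start) return -1;
    const char *end = strchr(start, '>');           /* stay inside this element */
    if (!end) return -1;

    const char *val = strstr(start, attr);
    if (!val || val >= end) return -1;              /* attribute must be in the element */
    val += sizeof(attr) - 1;

    const char *quote = memchr(val, '"', (size_t)(end - val));
    if (!quote) return -1;                          /* unterminated value */

    size_t len = (size_t)(quote - val);
    if (len == 0 || len > TEMP_MAX_LEN) return -1;  /* reject, never truncate */
    memcpy(buf, val, len);
    buf[len] = '\0';

    char *stop;
    long t = strtol(buf, &stop, 10);
    if (*stop != '\0' || t < -150 || t > 150) return -1;  /* assumed sane range */
    *out = (int)t;
    return 0;
}

int main(void)
{
    /* Constructed sample input, not captured from a real feed. */
    const char *feed = "<yweather:condition text=\"Fair\" code=\"34\" temp=\"72\" />";
    int t = 0;
    int rc = parse_condition_temp(feed, &t);
    printf("rc=%d temp=%d\n", rc, t);
    return rc == 0 ? 0 : 1;
}
```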

Fix

Buffer Overflow


Weakness Enumeration

Related Identifiers

CVE-2014-0355

Affected Products

Zyxel Wireless N300 Netusb Nbg-419N