PT-2014-3582 · Zyxel · Zyxel Nbg-419N

Published

2014-04-15

Updated

2014-04-15

CVE-2014-0353

CVSS v2.0

6.1

Medium

Vector

AV:A/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions ZyXEL Wireless N300 NetUSB NBG-419N router version 1.00(BFQ.6)C0

Description The issue allows remote attackers to bypass authentication by using %2F sequences in place of / (slash) characters.

Recommendations For version 1.00(BFQ.6)C0, consider updating the firmware to a newer version that addresses this issue, if available. As a temporary workaround, restrict access to the router's web interface to minimize the risk of exploitation.

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2014-0353

Affected Products

Zyxel Nbg-419N

PT-2014-3582 · Zyxel · Zyxel Nbg-419N

CVE-2014-0353

Weakness Enumeration

Related Identifiers

Affected Products

References · 2