CVE-2018-14892

Name of the Vulnerable Software and Affected Versions ZyXEL NSA325 V2 version 4.81

Description The issue concerns missing protections against Cross-Site Request Forgery in the web application, allowing attackers to perform state-changing actions via crafted HTTP forms.

Recommendations For ZyXEL NSA325 V2 version 4.81, consider disabling access to the web application until a patch or fix is available to mitigate the risk of Cross-Site Request Forgery attacks. Restrict access to the web interface to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.