Vulnerability Note VU#939260
ZyXEL Wireless N300 NetUSB Router NBG-419N devices contain multiple vulnerabilities
ZyXEL Wireless N300 NetUSB Router NBG-419N running firmware version 1.00(BFQ.6)C0, and possibly earlier versions, is susceptible to multiple vulnerabilities. Other device models that use similar firmware may also be vulnerable.
ZyXEL Wireless N300 NetUSB Router NBG-419N running firmware version 1.00(BFQ.6)C0, and possibly earlier versions, has been reported to contain multiple vulnerabilities.
CWE-425: Direct Request - CVE-2014-0353
A remote unauthenticated attacker on the local area network may be able to inject arbitrary commands or run arbitrary code.
We are currently unaware of a practical solution to this problem. Please consider the following workarounds.
Vendor Information (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|ZyXEL||Affected||23 Jan 2014||10 Mar 2014|
CVSS Metrics (Learn More)
Thanks to the reporter who wishes to remain anonymous for reporting this vulnerability.
This document was written by Jared Allar.
- CVE IDs: CVE-2014-0353 CVE-2014-0354 CVE-2014-0355 CVE-2014-0356
- Date Public: 10 Mar 2014
- Date First Published: 11 Apr 2014
- Date Last Updated: 16 Apr 2014
- Document Revision: 22
If you have feedback, comments, or additional information about this vulnerability, please send us email.