CRITICAL🇵🇱 Wersja polska

CVE-2021-4039

CVSS 9.8v3.1pub. 2022-03-01upd. 2024-11-21

A command injection vulnerability in the web interface of the Zyxel NWA-1100-NH firmware could allow an attacker to execute arbitrary OS commands on the device.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Zyxel Nwa1100 Nh

    HW
    Zyxel
    wszystkie wersje
  • Zyxel Nwa1100 Nh Firmware

    OS
    Zyxel
    < 2.12\(aasi.3\)c0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Command Injection
CWE
References

Related vulnerabilities

CVE-2015-7256MEDIUM5.9ten sam produkt

ZyXEL NWA1100-N, NWA1100-NH, NWA1121-NI, NWA1123-AC, and NWA1123-NI access points; P-660HN-51, P-663HN-51, VMG...

CVE-2023-27992CRITICAL9.8⚠ KEVten sam vendor

The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AA...

CVE-2023-33009CRITICAL9.8⚠ KEVten sam vendor

A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.60 throug...

CVE-2023-33010CRITICAL9.8⚠ KEVten sam vendor

A buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions 4.32 throu...

CVE-2023-28771CRITICAL9.8⚠ KEVten sam vendor

Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series fir...