CVE-2019-17354
CRITICALZyxel NBG-418N v2 Firmware V1.00(AARP.9)C0 - Unauthenticated Information Disclosure and Data Modification via wan.htm
Title source: llmDescription
wan.htm page on Zyxel NBG-418N v2 with firmware version V1.00(AARP.9)C0 can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify data fields of the page.
References (2)
Core 2
Core References
Product x_refsource_misc
https://www.zyxel.com/us/en/
Third Party Advisory x_refsource_misc
https://github.com/d0x0/Zyxel-NBG-418N-v2/blob/master/CVE-2019-17354
Scores
CVSS v3
9.4
EPSS
0.0139
EPSS Percentile
68.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Details
CWE
CWE-306
Status
published
Products (1)
zyxel/nbg-418n_v2_firmware
1.00\(aarp.9\)c0
Published
Oct 09, 2019
Tracked Since
Feb 18, 2026