CVE-2019-17354
CRITICALZyxel Nbg-418n V2 Firmware - Missing Authentication
Title source: ruleDescription
wan.htm page on Zyxel NBG-418N v2 with firmware version V1.00(AARP.9)C0 can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify data fields of the page.
References (2)
Core 2
Core References
Product x_refsource_misc
https://www.zyxel.com/us/en/
Third Party Advisory x_refsource_misc
https://github.com/d0x0/Zyxel-NBG-418N-v2/blob/master/CVE-2019-17354
Scores
CVSS v3
9.4
EPSS
0.0030
EPSS Percentile
53.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Details
CWE
CWE-306
Status
published
Products (1)
zyxel/nbg-418n_v2_firmware
1.00\(aarp.9\)c0
Published
Oct 09, 2019
Tracked Since
Feb 18, 2026