CVE-2020-14461
HIGHZyxel Armor X1 WAP6806 1.00(ABAL.6)C0 - Path Traversal via images/eaZy/ URI
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2020-14461. PoCs published by Rajivarnan R.
AI-analyzed exploit summary This is a writeup describing a directory traversal vulnerability in Zyxel Armor X1 WAP6806. The vulnerable endpoint is identified as `/Zyxel/images/eaZy/` via a GET request, but no functional exploit code is provided.
Description
Zyxel Armor X1 WAP6806 1.00(ABAL.6)C0 devices allow Directory Traversal via the images/eaZy/ URI.
Exploits (1)
exploitdb
WRITEUP
by Rajivarnan R · textwebappshardware
https://www.exploit-db.com/exploits/48669
This is a writeup describing a directory traversal vulnerability in Zyxel Armor X1 WAP6806. The vulnerable endpoint is identified as `/Zyxel/images/eaZy/` via a GET request, but no functional exploit code is provided.
Classification
Writeup 80%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Theoretical
Target:
Zyxel Armor X1 WAP6806 V1.00(ABAL.6)C0
No auth needed
Prerequisites:
network access to the target device
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (2)
Core 2
Core References
Exploit, Third Party Advisory x_refsource_misc
https://cxsecurity.com/issue/WLB-2020060088
Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/158428/Zyxel-Armor-X1-WAP6806-Directory-Traversal.html
Scores
CVSS v3
8.6
EPSS
0.0954
EPSS Percentile
94.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Details
CWE
CWE-22
Status
published
Products (1)
zyxel/wap6806_firmware
1.00\(abal.6\)c0
Published
Jun 22, 2020
Tracked Since
Feb 18, 2026