cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-33013,https://securityvulnerability.io/vulnerability/CVE-2023-33013,Post-Authentication Command Injection Vulnerability in Zyxel NBG6604 Firmware,"A post-authentication command injection vulnerability exists in the NTP feature of Zyxel NBG6604 firmware version V1.01(ABIR.1)C0, potentially allowing an authenticated attacker to execute arbitrary OS commands. By sending specially crafted HTTP requests, attackers could leverage this flaw to compromise the affected system, posing significant security risks to users relying on this router for secure connectivity. Users are advised to apply any available patches and follow security best practices to mitigate potential exploits.",Zyxel,Nbg6604 Firmware,8.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-08-14T17:15:00.000Z,0
CVE-2023-22919,https://securityvulnerability.io/vulnerability/CVE-2023-22919,Post-Authentication Command Injection in Zyxel NBG6604 Router,"A post-authentication command injection vulnerability exists in the Zyxel NBG6604 Router firmware version V1.01(ABIR.0)C0. This flaw allows an authenticated attacker to execute arbitrary OS commands remotely. The attacker can exploit this vulnerability by crafting specific HTTP requests that leverage the underlying issues in the firmware. If successfully executed, this could lead to unauthorized access and control over the affected device, potentially compromising the network's security.",Zyxel,Nbg6604 Firmware,8.8,HIGH,0.000859999970998615,false,,false,false,false,,,false,false,,2023-05-01T00:00:00.000Z,0
CVE-2021-35035,https://securityvulnerability.io/vulnerability/CVE-2021-35035,Cleartext Storage Vulnerability in Zyxel NBG6604 Firmware,"A vulnerability exists in the Zyxel NBG6604 firmware that allows remote, authenticated attackers to access sensitive information stored in the configuration file in cleartext. This flaw could be exploited to compromise the security of the network and expose confidential data. It is crucial for users of the Zyxel NBG6604 router to review their firmware for updates and apply necessary security patches to mitigate the risk associated with this vulnerability.",Zyxel,Nbg6604 Series Firmware,4.9,MEDIUM,0.0011699999449774623,false,,false,false,false,,,false,false,,2021-12-29T12:45:38.000Z,0
CVE-2021-35034,https://securityvulnerability.io/vulnerability/CVE-2021-35034,Insufficient Session Expiration in Zyxel NBG6604 Firmware,"The Zyxel NBG6604 firmware contains an insufficient session expiration vulnerability in its CGI program, allowing a potential remote attacker to gain unauthorized access if they successfully intercept a valid session token. This vulnerability underscores the importance of robust session management practices to protect sensitive information and prevent unauthorized access.",Zyxel,Nbg6604 Series Firmware,7.4,HIGH,0.002959999954327941,false,,false,false,false,,,false,false,,2021-12-29T12:36:47.000Z,0