Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-14893 | 1 Zyxel | 2 Nsa325 V2, Nsa325 V2 Firmware | 2020-08-24 | 9.0 HIGH | 8.8 HIGH |
A system command injection vulnerability in zyshclient in ZyXEL NSA325 V2 version 4.81 allows attackers to execute system commands via the web application API. | |||||
CVE-2018-14892 | 1 Zyxel | 2 Nsa325 V2, Nsa325 V2 Firmware | 2018-12-26 | 6.8 MEDIUM | 8.8 HIGH |
Missing protections against Cross-Site Request Forgery in the web application in ZyXEL NSA325 V2 version 4.81 allow attackers to perform state-changing actions via crafted HTTP forms. |