CVSS: 10.0EPSS: 6%CPEs: 2EXPL: 3CVE-2021-4039 – Zyxel NWA-1100-NH - Command Injection
https://notcve.org/view.php?id=CVE-2021-4039
01 Mar 2022 — A command injection vulnerability in the web interface of the Zyxel NWA-1100-NH firmware could allow an attacker to execute arbitrary OS commands on the device. Una vulnerabilidad de inyección de comandos en la interfaz web del firmware Zyxel NWA-1100-NH podría permitir a un atacante ejecutar comandos arbitrarios del Sistema Operativo en el dispositivo. Zyxel NWA-1100-NH suffers from a command injection vulnerability. • https://packetstorm.news/files/id/166752 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.9EPSS: 0%CPEs: 50EXPL: 0CVE-2015-7256
https://notcve.org/view.php?id=CVE-2015-7256
27 Sep 2017 — ZyXEL NWA1100-N, NWA1100-NH, NWA1121-NI, NWA1123-AC, and NWA1123-NI access points; P-660HN-51, P-663HN-51, VMG1312-B10A, VMG1312-B30A, VMG1312-B30B, VMG4380-B10A, VMG8324-B10A, VMG8924-B10A, VMG8924-B30A, and VSG1435-B101 DSL CPEs; PMG5318-B20A GPONs; SBG3300-N000, SBG3300-NB00, and SBG3500-N000 small business gateways; GS1900-8 and GS1900-24 switches; and C1000Z, Q1000, FR1000Z, and P8702N project models use non-unique X.509 certificates and SSH host keys. Los puntos de acceso ZyXEL NWA1100-N, NWA1100-NH, ... • http://www.kb.cert.org/vuls/id/566724 • CWE-310: Cryptographic Issues •