CVE-2014-0356 - CERT CVE

  1. CVE-2014-0356

ID CVE-2014-0356
Sažetak The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 allows remote attackers to execute arbitrary code via shell metacharacters in input to the (1) detectWeather, (2) set_language, (3) SystemCommand, or (4) NTPSyncWithHost function in management.c, or a (5) SET COUNTRY, (6) SET WLAN SSID, (7) SET WLAN CHANNEL, (8) SET WLAN STATUS, or (9) SET WLAN COUNTRY udps command.
Reference
CVSS
Base: 7.9
Impact: 10.0
Exploitability:5.5
Pristup
VektorSloženostAutentikacija
ADJACENT_NETWORK MEDIUM NONE
Impact
PovjerljivostCjelovitostDostupnost
COMPLETE COMPLETE COMPLETE
CVSS vektor AV:A/AC:M/Au:N/C:C/I:C/A:C
Zadnje važnije ažuriranje 15-04-2014 - 17:56
Objavljeno 15-04-2014 - 10:55