CVE-2021-35034
published 2021-12-29CVE-2021-35034: An insufficient session expiration vulnerability in the CGI program of the Zyxel NBG6604 firmware could allow a remote attacker to access the device if the…
critical9.1CVSS 3.1
AVNACLPRNUINSUCHIHAN
An insufficient session expiration vulnerability in the CGI program of the Zyxel NBG6604 firmware could allow a remote attacker to access the device if the correct token can be intercepted.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| zyxel | nbg6604_firmware | < 1.00\(abir.9\)c0 | 1.00\(abir.9\)c0 |
| zyxel | nbg6604_series_firmware | — | — |