Zyxel Nbg6604 Series Firmware vulnerabilities

CVE-2021-35034 [CRITICAL] CWE-613 CVE-2021-35034: An insufficient session expiration vulnerability in the CGI program of the Zyxel NBG6604 firmware co An insufficient session expiration vulnerability in the CGI program of the Zyxel NBG6604 firmware could allow a remote attacker to access the device if the correct token can be intercepted.

CVE-2021-35035 [MEDIUM] CWE-312 CVE-2021-35035: A cleartext storage of sensitive information vulnerability in the Zyxel NBG6604 firmware could allow A cleartext storage of sensitive information vulnerability in the Zyxel NBG6604 firmware could allow a remote, authenticated attacker to obtain sensitive information from the configuration file.