Zyxel » P-330w Router : Security Vulnerabilities, CVEs, CVSS score >= 1
The UPnP IGD implementation in the Pseudo ICS UPnP software on the ZyXEL P-330W allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability.
Max CVSS
7.5
EPSS Score
0.34%
Published
2011-11-22
Updated
2012-03-08
Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in the ZyXEL P-330W router allow remote attackers to hijack the authentication of administrators for requests that (1) enable remote router management via goform/formRmtMgt or (2) modify the administrator password via goform/formPasswordSetup.
Max CVSS
9.3
EPSS Score
0.30%
Published
2009-09-10
Updated
2009-09-15
Cross-site scripting (XSS) vulnerability in the web management interface in the ZyXEL P-330W router allows remote attackers to inject arbitrary web script or HTML via the pingstr parameter and other unspecified vectors.
Max CVSS
4.3
EPSS Score
0.20%
Published
2009-09-10
Updated
2009-09-15
3 vulnerabilities found