Multiple cross-site request forgery (CSRF) vulnerabilities in the Zyxel P-660HW-T1 (v3) wireless router allow remote attackers to hijack the authentication of administrators for requests that change the (1) wifi password or (2) SSID via a request to Forms/WLAN_General_1.
Max CVSS
6.8
EPSS Score
1.19%
Published
2014-06-16
Updated
2014-07-17
The web management interface on Zyxel P660 devices allows remote attackers to cause a denial of service (reboot) via a flood of TCP SYN packets.
Max CVSS
7.8
EPSS Score
0.69%
Published
2014-04-02
Updated
2014-04-02
Cross-site scripting (XSS) vulnerability in Forms/DiagGeneral_2 on the ZyXEL P-660HW series router allows remote attackers to inject arbitrary web script or HTML via the PingIPAddr parameter.
Max CVSS
4.3
EPSS Score
0.19%
Published
2008-03-10
Updated
2018-10-11
The ZyXEL P-660HW series router has "admin" as its default password, which allows remote attackers to gain administrative access.
Max CVSS
10.0
EPSS Score
0.76%
Published
2008-03-10
Updated
2018-10-11
The ZyXEL P-660HW series router maintains authentication state by IP address, which allows remote attackers to bypass authentication by establishing a session from a source IP address of a previously authenticated user.
Max CVSS
10.0
EPSS Score
0.50%
Published
2008-03-10
Updated
2018-10-11
Multiple cross-site request forgery (CSRF) vulnerabilities on the ZyXEL P-660HW series router allow remote attackers to (1) change DNS servers and (2) add keywords to the "bannedlist" via unspecified vectors.
Max CVSS
6.8
EPSS Score
0.33%
Published
2008-03-10
Updated
2018-10-11
6 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!