Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zyxel p-660hw vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2008-1257
Cross-site scripting (XSS) vulnerability in Forms/DiagGeneral_2 on the ZyXEL P-660HW series router allows remote malicious users to inject arbitrary web script or HTML via the PingIPAddr parameter.
Zyxel P-660hw T3 -
Zyxel P-660hw T1
Zyxel P-660hw D3 -
Zyxel P-660hw D1 -
Zyxel P-660hw T3 V2
Zyxel P-660hw D1 V2
7.8
CVSSv2
CVE-2013-3588
The web management interface on Zyxel P660 devices allows remote malicious users to cause a denial of service (reboot) via a flood of TCP SYN packets.
Zyxel P-660h-63 -
Zyxel P-660h-t1 -
Zyxel P-660h-d3 -
Zyxel P-660h-t1 V2
Zyxel P-660h-67 -
Zyxel P-660hw D1 V2
Zyxel P-660hw T1
Zyxel P-660h-61 -
Zyxel P-660hw T3 V2
Zyxel P-660hw T3 -
Zyxel P-660hw D3 -
Zyxel P-660h-t3 V2
Zyxel P-660h-d1 -
Zyxel P-660hw D1 -
10
CVSSv2
CVE-2008-1255
The ZyXEL P-660HW series router maintains authentication state by IP address, which allows remote malicious users to bypass authentication by establishing a session from a source IP address of a previously authenticated user.
Zyxel P-660hw
10
CVSSv2
CVE-2008-1256
The ZyXEL P-660HW series router has "admin" as its default password, which allows remote malicious users to gain administrative access.
Zyxel P-660hw
6.8
CVSSv2
CVE-2008-1254
Multiple cross-site request forgery (CSRF) vulnerabilities on the ZyXEL P-660HW series router allow remote malicious users to (1) change DNS servers and (2) add keywords to the "bannedlist" via unspecified vectors.
Zyxel P-660hw
6.8
CVSSv2
CVE-2014-4162
Multiple cross-site request forgery (CSRF) vulnerabilities in the Zyxel P-660HW-T1 (v3) wireless router allow remote malicious users to hijack the authentication of administrators for requests that change the (1) wifi password or (2) SSID via a request to Forms/WLAN_General_1.
Zyxel P-660hw T1
1 EDB exploit
4.3
CVSSv2
CVE-2015-6017
Multiple cross-site scripting (XSS) vulnerabilities in Forms/rpAuth_1 on ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40(AXH.0) allow remote malicious users to inject arbitrary web script or HTML via the (1) LoginPassword or (2) hiddenPassword parameter.
Zyxel P-660hw-t1 V2 Firmware 3.40\\(axh.0\\)
4.3
CVSSv2
CVE-2013-6786
Cross-site scripting (XSS) vulnerability in Allegro RomPager prior to 4.51, as used on the ZyXEL P660HW-D1, Huawei MT882, Sitecom WL-174, TP-LINK TD-8816, and D-Link DSL-2640R and DSL-2641R, when the "forbidden author header" protection mechanism is bypassed, allows rem...
Zyxel P-660hw D1 -
Sitecom Wl-174 -
Allegrosoft Rompager
Tp-link Td-8816 -
Huawei Mt882 -
Dlink Dsl-2640r -
Dlink Dsl-2641r -
2 Nmap scripts
7.8
CVSSv2
CVE-2018-5330
ZyXEL P-660HW v3 devices allow remote malicious users to cause a denial of service (router unreachable/unresponsive) via a flood of fragmented UDP packets.
Zyxel P-660hw V3 Firmware -
10
CVSSv2
CVE-2015-6016
ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40(AXH.0), PMG5318-B20A devices with firmware 1.00AANC0b5, and NBG-418N devices have a default password of 1234 for the admin account, which allows remote malicious users to obtain administrative access via unspecified vectors.
Zyxel Nbg-418n -
Zyxel Zynos Firmware 3.40\\(axh.0\\)
Zyxel Pmg5318-b20a Firmware V100aanc0b5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »