Multiple stack-based buffer overflows on the ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 allow man-in-the-middle malicious users to execute arbitrary code via (1) a long temp attribute in a yweather:condition element in a forecastrss file that is processed by the checkWeather function; the (2) WeatherCity or (3) WeatherDegree variable to the detectWeather function; unspecified input to the (4) UpnpAddRunRLQoS, (5) UpnpDeleteRunRLQoS, or (6) UpnpDeletePortCheckType function; or (7) the SET COUNTRY udps command.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zyxel n300_netusb_nbg-419n_firmware 1.00\\(bfq_6\\)c0 |
||
zyxel n300_netusb_nbg-419n - |