Authentication Bypass in ZyXEL Wireless N300 NetUSB Router
CVE-2014-0353

Currently unrated

Key Information:

Vendor: Zyxel
Status: N300 Netusb Nbg-419n Firmware; N300 Netusb Nbg-419n
Vendor: CVE Published:; 15 April 2014

Summary

The ZyXEL Wireless N300 NetUSB NBG-419N router contains a vulnerability that allows remote attackers to bypass authentication mechanisms by exploiting URL encoding techniques. Specifically, attackers can utilize %2F sequences to manipulate the authentication process, potentially granting unauthorized access to network resources. It is crucial for users to upgrade to patched firmware versions to mitigate these risks and safeguard network security.

References

http://www.kb.cert.org/vuls/id/939260

third-party-advisoryx_refsource_CERT-VN

Timeline

Vulnerability published
Apr 15, 2014
Vulnerability Reserved
Dec 5, 2013