Skip to content

CVE-2014-0356

The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 allows remote attackers to execute arbitrary code via shell metacharacters in input to the (1) detectWeather, (2) set_language, (3) SystemCommand, or (4) NTPSyncWithHost function in management.c, or a (5) SET COUNTRY, (6) SET WLAN SSID, (7) SET WLAN CHANNEL, (8) SET WLAN STATUS, or (9) SET WLAN COUNTRY udps command.

View on NVD

Severity

N/A

EPSS

Probability of exploitation (next 30 days): 0.0070 (0.7%)
Percentile: 72.0%
EPSS: 2026-05-06

Affects

zyxel:n300_netusb_nbg-419n_firmwarezyxel:n300_netusb_nbg-419n

Technical description

The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 allows remote attackers to execute arbitrary code via shell metacharacters in input to the (1) detectWeather, (2) set_language, (3) SystemCommand, or (4) NTPSyncWithHost function in management.c, or a (5) SET COUNTRY, (6) SET WLAN SSID, (7) SET WLAN CHANNEL, (8) SET WLAN STATUS, or (9) SET WLAN COUNTRY udps command.

Published: 4/15/2014, 10:55:12 AM
Last modified: 5/6/2026, 10:30:45 PM

References

HomeEventsBlogResourcesTeam