ZyXEL N4100 Wireless Gateway

Platform Information https://www.cnet.com/products/zyxel-n4100-wireless-router-802-11b-g-n-desktop-with-zyxel-zyair-sp-300-label-printer/
Search Engine Search on Google
End of Sales Yes
End of Support Yes (2015-12-31) more info
Wired Connection Yes
Wireless Connection Yes
Fingerprinting Source HTTP NIC VENDOR
Added at May 14, 2019
Manufacturer Name Zyxel Communications Corp
Homepage https://www.zyxel.com/index.shtml
Headquarters Taiwan
Business Status Ongoing
Acquisition Company Siemens AG
Acquisition Company Homepage http://www.siemens.com

Platform’s Common Vulnerabilities and Exposures (CVE)
CVE-ID
Severity v3.0
Severity v2.0
Description
No records found.
Manufacturer’s Common Vulnerabilities and Exposures (CVE)
CVE-ID
Severity v3.0
Severity v2.0
Description
CVE-2019-10634
04/09/2019
MEDIUM
LOW
An XSS vulnerability in the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to inject arbitrary JavaScript or HTML via the user, group, and file-share description fields.
CVE-2019-10633
04/09/2019
HIGH
MEDIUM
An eval injection vulnerability in the Python web server routing on the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to execute arbitrary code via the tjp6jp6y4, simZysh, and ck6fup6 APIs.
CVE-2019-10632
04/09/2019
MEDIUM
MEDIUM
A directory traversal vulnerability in the file browser component on the Zyxel NAS 326 version 5.21 and below allows a lower privileged user to change the location of any other user's files.
CVE-2019-10631
04/09/2019
HIGH
MEDIUM
Shell Metacharacter Injection in the package installer on Zyxel NAS 326 version 5.21 and below allows an authenticated attacker to execute arbitrary code via multiple different requests.
CVE-2019-10630
04/09/2019
HIGH
MEDIUM
A plaintext password vulnerability in the Zyxel NAS 326 through 5.21 allows an elevated privileged user to get the admin password of the device.