Filtered by vendor Zyxel
Subscribe
Total
277 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-35028 | 1 Zyxel | 2 Zywall Vpn2s, Zywall Vpn2s Firmware | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
A command injection vulnerability in the CGI program of the Zyxel VPN2S firmware version 1.12 could allow an authenticated, local user to execute arbitrary OS commands. | |||||
CVE-2021-35033 | 1 Zyxel | 12 Nbg6818, Nbg6818 Firmware, Nbg7815 and 9 more | 2024-02-28 | 6.9 MEDIUM | 7.8 HIGH |
A vulnerability in specific versions of Zyxel NBG6818, NBG7815, WSQ20, WSQ50, WSQ60, and WSR30 firmware with pre-configured password management could allow an attacker to obtain root access of the device, if the local attacker dismantles the device and uses a USB-to-UART cable to connect the device, or if the remote assistance feature had been enabled by an authenticated user. | |||||
CVE-2021-35034 | 1 Zyxel | 2 Nbg6604, Nbg6604 Firmware | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
An insufficient session expiration vulnerability in the CGI program of the Zyxel NBG6604 firmware could allow a remote attacker to access the device if the correct token can be intercepted. | |||||
CVE-2021-35027 | 1 Zyxel | 2 Zywall Vpn2s, Zywall Vpn2s Firmware | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
A directory traversal vulnerability in the web server of the Zyxel VPN2S firmware version 1.12 could allow a remote attacker to gain access to sensitive information. | |||||
CVE-2021-35035 | 1 Zyxel | 2 Nbg6604, Nbg6604 Firmware | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
A cleartext storage of sensitive information vulnerability in the Zyxel NBG6604 firmware could allow a remote, authenticated attacker to obtain sensitive information from the configuration file. | |||||
CVE-2021-35032 | 1 Zyxel | 24 Gs1900-10hp, Gs1900-10hp Firmware, Gs1900-16 and 21 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
A vulnerability in the 'libsal.so' of the Zyxel GS1900 series firmware version 2.60 could allow an authenticated local user to execute arbitrary OS commands via a crafted function call. | |||||
CVE-2021-35029 | 1 Zyxel | 74 Usg100, Usg1000, Usg1000 Firmware and 71 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64 and USG Flex, ATP, and VPN series firmware versions 4.35 through 5.01, which could allow a remote attacker to execute arbitrary commands on an affected device. | |||||
CVE-2021-35030 | 1 Zyxel | 24 Gs1900-10hp, Gs1900-10hp Firmware, Gs1900-16 and 21 more | 2024-02-28 | 2.3 LOW | 4.3 MEDIUM |
A vulnerability was found in the CGI program in Zyxel GS1900-8 firmware version V2.60, that did not properly sterilize packet contents and could allow an authenticated, local user to perform a cross-site scripting (XSS) attack via a crafted LLDP packet. | |||||
CVE-2020-20183 | 1 Zyxel | 2 P1302-t10 V3, P1302-t10 V3 Firmware | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Insecure direct object reference vulnerability in Zyxel’s P1302-T10 v3 with firmware version 2.00(ABBX.3) and earlier allows attackers to gain privileges and access certain admin pages. | |||||
CVE-2021-3297 | 1 Zyxel | 2 Nbg2105, Nbg2105 Firmware | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
On Zyxel NBG2105 V1.00(AAGU.2)C0 devices, setting the login cookie to 1 provides administrator access. | |||||
CVE-2020-28899 | 1 Zyxel | 6 Lte4506-m606, Lte4506-m606 Firmware, Lte7460-m608 and 3 more | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
The Web CGI Script on ZyXEL LTE4506-M606 V1.00(ABDO.2)C0 devices does not require authentication, which allows remote unauthenticated attackers (via crafted JSON action data to /cgi-bin/gui.cgi) to use all features provided by the router. Examples: change the router password, retrieve the Wi-Fi passphrase, send an SMS message, or modify the IP forwarding to access the internal network. | |||||
CVE-2020-29299 | 1 Zyxel | 7 Atp, Nsg, Nsg Firmware and 4 more | 2024-02-28 | 9.0 HIGH | 7.2 HIGH |
Certain Zyxel products allow command injection by an admin via an input string to chg_exp_pwd during a password-change action. This affects VPN On-premise before ZLD V4.39 week38, VPN Orchestrator before SD-OS V10.03 week32, USG before ZLD V4.39 week38, USG FLEX before ZLD V4.55 week38, ATP before ZLD V4.55 week38, and NSG before 1.33 patch 4. | |||||
CVE-2020-25014 | 1 Zyxel | 52 Access Points Firmware, Nwa110ax, Nwa1123-ac Hd and 49 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
A stack-based buffer overflow in fbwifi_continue.cgi on Zyxel UTM and VPN series of gateways running firmware version V4.30 through to V4.55 allows remote unauthenticated attackers to execute arbitrary code via a crafted http packet. | |||||
CVE-2020-15317 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/axess chroot directory tree. | |||||
CVE-2020-15321 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the axzyxel password for the livedbuser account. | |||||
CVE-2020-15322 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the wbboEZ4BN3ssxAfM hardcoded password for the debian-sys-maint account. | |||||
CVE-2020-15348 | 1 Zyxel | 1 Cloud Cnm Secumanager | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows use of live/CPEManager/AXCampaignManager/delete_cpes_by_ids?cpe_ids= for eval injection of Python code. | |||||
CVE-2020-15316 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded ECDSA SSH key for the root account within the /opt/axess chroot directory tree. | |||||
CVE-2020-13365 | 1 Zyxel | 8 Nas326, Nas326 Firmware, Nas520 and 5 more | 2024-02-28 | 9.0 HIGH | 8.8 HIGH |
Certain Zyxel products have a locally accessible binary that allows a non-root user to generate a password for an undocumented user account that can be used for a TELNET session as root. This affects NAS520 V5.21(AASZ.4)C0, V5.21(AASZ.0)C0, V5.11(AASZ.3)C0, and V5.11(AASZ.0)C0; NAS542 V5.11(ABAG.0)C0, V5.20(ABAG.1)C0, and V5.21(ABAG.3)C0; NSA325 v2_V4.81(AALS.0)C0 and V4.81(AAAJ.1)C0; NSA310 4.22(AFK.0)C0 and 4.22(AFK.1)C0; NAS326 V5.21(AAZF.8)C0, V5.11(AAZF.4)C0, V5.11(AAZF.2)C0, and V5.11(AAZF.3)C0; NSA310S V4.75(AALH.2)C0; NSA320S V4.75(AANV.2)C0 and V4.75(AANV.1)C0; NSA221 V4.41(AFM.1)C0; and NAS540 V5.21(AATB.5)C0 and V5.21(AATB.3)C0. | |||||
CVE-2020-15315 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account within the /opt/axess chroot directory tree. |