Filtered by vendor Zyxel
Subscribe
Total
279 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-15329 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | N/A | 5.3 MEDIUM |
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak Data.fs permissions. | |||||
CVE-2020-15328 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | N/A | 5.3 MEDIUM |
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak /opt/axess/var/blobstorage/ permissions. | |||||
CVE-2020-15327 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | N/A | 7.5 HIGH |
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 uses ZODB storage without authentication. | |||||
CVE-2020-15326 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | N/A | 5.3 MEDIUM |
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded certificate for Ejabberd in ejabberd.pem. | |||||
CVE-2020-15325 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | N/A | 5.3 MEDIUM |
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded Erlang cookie for ejabberd replication. | |||||
CVE-2020-15324 | 1 Zyxel | 1 Cloud Cnm Secumanager | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a world-readable axess/opt/axXMPPHandler/config/xmpp_config.py file that stores hardcoded credentials. | |||||
CVE-2020-15323 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the cloud1234 password for the a1@chopin account default credentials. | |||||
CVE-2020-15322 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the wbboEZ4BN3ssxAfM hardcoded password for the debian-sys-maint account. | |||||
CVE-2020-15321 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the axzyxel password for the livedbuser account. | |||||
CVE-2020-15320 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the axiros password for the root account. | |||||
CVE-2020-15319 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/mysql chroot directory tree. | |||||
CVE-2020-15318 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account within the /opt/mysql chroot directory tree. | |||||
CVE-2020-15317 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/axess chroot directory tree. | |||||
CVE-2020-15316 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded ECDSA SSH key for the root account within the /opt/axess chroot directory tree. | |||||
CVE-2020-15315 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account within the /opt/axess chroot directory tree. | |||||
CVE-2020-15314 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account. | |||||
CVE-2020-15313 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded ECDSA SSH key for the root account. | |||||
CVE-2020-15312 | 1 Zyxel | 1 Cloudcnm Secumanager | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account. | |||||
CVE-2020-14461 | 1 Zyxel | 2 Wap6806, Wap6806 Firmware | 2024-11-21 | 5.0 MEDIUM | 8.6 HIGH |
Zyxel Armor X1 WAP6806 1.00(ABAL.6)C0 devices allow Directory Traversal via the images/eaZy/ URI. | |||||
CVE-2020-13365 | 1 Zyxel | 8 Nas326, Nas326 Firmware, Nas520 and 5 more | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
Certain Zyxel products have a locally accessible binary that allows a non-root user to generate a password for an undocumented user account that can be used for a TELNET session as root. This affects NAS520 V5.21(AASZ.4)C0, V5.21(AASZ.0)C0, V5.11(AASZ.3)C0, and V5.11(AASZ.0)C0; NAS542 V5.11(ABAG.0)C0, V5.20(ABAG.1)C0, and V5.21(ABAG.3)C0; NSA325 v2_V4.81(AALS.0)C0 and V4.81(AAAJ.1)C0; NSA310 4.22(AFK.0)C0 and 4.22(AFK.1)C0; NAS326 V5.21(AAZF.8)C0, V5.11(AAZF.4)C0, V5.11(AAZF.2)C0, and V5.11(AAZF.3)C0; NSA310S V4.75(AALH.2)C0; NSA320S V4.75(AANV.2)C0 and V4.75(AANV.1)C0; NSA221 V4.41(AFM.1)C0; and NAS540 V5.21(AATB.5)C0 and V5.21(AATB.3)C0. |