Vulnerabilities (CVE)

Filtered by vendor Zyxel Subscribe
Filtered by product Ax7501-b0
Total 9 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-45440 1 Zyxel 2 Ax7501-b0, Ax7501-b0 Firmware 2024-11-21 N/A 4.4 MEDIUM
A vulnerability exists in the FTP server of the Zyxel AX7501-B0 firmware prior to V5.17(ABPC.3)C0, which processes symbolic links on external storage media. A local authenticated attacker with administrator privileges could abuse this vulnerability to access the root file system by creating a symbolic link on external storage media, such as a USB flash drive, and then logging into the FTP server on a vulnerable device.
CVE-2022-45439 1 Zyxel 2 Ax7501-b0, Ax7501-b0 Firmware 2024-11-21 N/A 5.3 MEDIUM
A pair of spare WiFi credentials is stored in the configuration file of the Zyxel AX7501-B0 firmware prior to V5.17(ABPC.3)C0 in cleartext. An unauthenticated attacker could use the credentials to access the WLAN service if the configuration file has been retrieved from the device by leveraging another known vulnerability.
CVE-2022-43392 1 Zyxel 96 Ax7501-b0, Ax7501-b0 Firmware, Dx3301-t0 and 93 more 2024-11-21 N/A 6.5 MEDIUM
A buffer overflow vulnerability in the parameter of web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted authorization request.
CVE-2022-43391 1 Zyxel 96 Ax7501-b0, Ax7501-b0 Firmware, Dx3301-t0 and 93 more 2024-11-21 N/A 6.5 MEDIUM
A buffer overflow vulnerability in the parameter of the CGI program in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted HTTP request.
CVE-2022-43390 1 Zyxel 78 Ax7501-b0, Ax7501-b0 Firmware, Dx3301-t0 and 75 more 2024-11-21 N/A 5.4 MEDIUM
A command injection vulnerability in the CGI program of Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to execute some OS commands on a vulnerable device by sending a crafted HTTP request.
CVE-2022-26414 1 Zyxel 64 Ax7501-b0, Ax7501-b0 Firmware, Dx5401-b0 and 61 more 2024-11-21 4.9 MEDIUM 6.0 MEDIUM
A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service.
CVE-2022-26413 1 Zyxel 64 Ax7501-b0, Ax7501-b0 Firmware, Dx5401-b0 and 61 more 2024-11-21 7.7 HIGH 8.0 HIGH
A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface.
CVE-2021-35036 1 Zyxel 62 Ax7501-b0, Ax7501-b0 Firmware, Dx3301-t0 and 59 more 2024-11-21 3.5 LOW 6.5 MEDIUM
A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmware version V5.50(ABTL.0)b2k could allow an authenticated attacker to obtain sensitive information from the configuration file.
CVE-2024-5412 1 Zyxel 100 Ax7501-b0, Ax7501-b0 Firmware, Ax7501-b1 and 97 more 2024-09-06 N/A 7.5 HIGH
A buffer overflow vulnerability in the library "libclinkc" of the Zyxel VMG8825-T50K firmware version 5.50(ABOM.8)C0 could allow an unauthenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.