Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Zyxel Subscribe
Total 281 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-15336 1 Zyxel 1 Cloudcnm Secumanager 2024-11-21 5.0 MEDIUM 7.5 HIGH
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has no authentication for /cnr requests.
CVE-2020-15335 1 Zyxel 1 Cloudcnm Secumanager 2024-11-21 5.0 MEDIUM 7.5 HIGH
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has no authentication for /registerCpe requests.
CVE-2020-15334 1 Zyxel 1 Cloudcnm Secumanager 2024-11-21 N/A 5.3 MEDIUM
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows escape-sequence injection into the /var/log/axxmpp.log file.
CVE-2020-15333 1 Zyxel 1 Cloudcnm Secumanager 2024-11-21 N/A 5.3 MEDIUM
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows attackers to discover accounts via MySQL "select * from Administrator_users" and "select * from Users_users" requests.
CVE-2020-15332 1 Zyxel 1 Cloudcnm Secumanager 2024-11-21 N/A 9.8 CRITICAL
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak /opt/axess/etc/default/axess permissions.
CVE-2020-15331 1 Zyxel 1 Cloudcnm Secumanager 2024-11-21 N/A 9.8 CRITICAL
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded OAUTH_SECRET_KEY in /opt/axess/etc/default/axess.
CVE-2020-15330 1 Zyxel 1 Cloudcnm Secumanager 2024-11-21 N/A 5.3 MEDIUM
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded APP_KEY in /opt/axess/etc/default/axess.
CVE-2020-15329 1 Zyxel 1 Cloudcnm Secumanager 2024-11-21 N/A 5.3 MEDIUM
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak Data.fs permissions.
CVE-2020-15328 1 Zyxel 1 Cloudcnm Secumanager 2024-11-21 N/A 5.3 MEDIUM
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak /opt/axess/var/blobstorage/ permissions.
CVE-2020-15327 1 Zyxel 1 Cloudcnm Secumanager 2024-11-21 N/A 7.5 HIGH
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 uses ZODB storage without authentication.
CVE-2020-15326 1 Zyxel 1 Cloudcnm Secumanager 2024-11-21 N/A 5.3 MEDIUM
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded certificate for Ejabberd in ejabberd.pem.
CVE-2020-15325 1 Zyxel 1 Cloudcnm Secumanager 2024-11-21 N/A 5.3 MEDIUM
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded Erlang cookie for ejabberd replication.
CVE-2020-15324 1 Zyxel 1 Cloud Cnm Secumanager 2024-11-21 7.5 HIGH 9.8 CRITICAL
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a world-readable axess/opt/axXMPPHandler/config/xmpp_config.py file that stores hardcoded credentials.
CVE-2020-15323 1 Zyxel 1 Cloudcnm Secumanager 2024-11-21 7.5 HIGH 9.8 CRITICAL
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the cloud1234 password for the a1@chopin account default credentials.
CVE-2020-15322 1 Zyxel 1 Cloudcnm Secumanager 2024-11-21 7.5 HIGH 9.8 CRITICAL
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the wbboEZ4BN3ssxAfM hardcoded password for the debian-sys-maint account.
CVE-2020-15321 1 Zyxel 1 Cloudcnm Secumanager 2024-11-21 7.5 HIGH 9.8 CRITICAL
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the axzyxel password for the livedbuser account.
CVE-2020-15320 1 Zyxel 1 Cloudcnm Secumanager 2024-11-21 7.5 HIGH 9.8 CRITICAL
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the axiros password for the root account.
CVE-2020-15319 1 Zyxel 1 Cloudcnm Secumanager 2024-11-21 4.3 MEDIUM 5.9 MEDIUM
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/mysql chroot directory tree.
CVE-2020-15318 1 Zyxel 1 Cloudcnm Secumanager 2024-11-21 4.3 MEDIUM 5.9 MEDIUM
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account within the /opt/mysql chroot directory tree.
CVE-2020-15317 1 Zyxel 1 Cloudcnm Secumanager 2024-11-21 4.3 MEDIUM 5.9 MEDIUM
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/axess chroot directory tree.