Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-40890 | 1 Zyxel | 27 Sbg3300-n000, Sbg3300-n000 Firmware, Sbg3300-nb00 and 24 more | 2025-02-12 | N/A | 8.8 HIGH |
| **UNSUPPORTED WHEN ASSIGNED** A post-authentication command injection vulnerability in the CGI program of the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_20170615 could allow an authenticated attacker to execute operating system (OS) commands on an affected device by sending a crafted HTTP POST request. | |||||
| CVE-2024-40891 | 1 Zyxel | 27 Sbg3300-n000, Sbg3300-n000 Firmware, Sbg3300-nb00 and 24 more | 2025-02-12 | N/A | 8.8 HIGH |
| **UNSUPPORTED WHEN ASSIGNED** A post-authentication command injection vulnerability in the management commands of the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_20170615 could allow an authenticated attacker to execute operating system (OS) commands on an affected device via Telnet. | |||||
| CVE-2015-7256 | 1 Zyxel | 50 C1000z, C1000z Firmware, Fr1000z and 47 more | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| ZyXEL NWA1100-N, NWA1100-NH, NWA1121-NI, NWA1123-AC, and NWA1123-NI access points; P-660HN-51, P-663HN-51, VMG1312-B10A, VMG1312-B30A, VMG1312-B30B, VMG4380-B10A, VMG8324-B10A, VMG8924-B10A, VMG8924-B30A, and VSG1435-B101 DSL CPEs; PMG5318-B20A GPONs; SBG3300-N000, SBG3300-NB00, and SBG3500-N000 small business gateways; GS1900-8 and GS1900-24 switches; and C1000Z, Q1000, FR1000Z, and P8702N project models use non-unique X.509 certificates and SSH host keys. | |||||