Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-6398 | 1 Zyxel | 84 Atp100, Atp100 Firmware, Atp100w and 81 more | 2025-01-21 | N/A | 7.2 HIGH |
| A post-authentication command injection vulnerability in the file upload binary in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1, USG FLEX H series firmware versions from 1.10 through 1.10 Patch 1, NWA50AX firmware versions through 6.29(ABYW.3), WAC500 firmware versions through 6.65(ABVS.1), WAX300H firmware versions through 6.60(ACHF.1), and WBE660S firmware versions through 6.65(ACGG.1) could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device via FTP. | |||||
| CVE-2023-6399 | 1 Zyxel | 44 Atp100, Atp100 Firmware, Atp100w and 41 more | 2025-01-21 | N/A | 5.7 MEDIUM |
| A format string vulnerability in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1, and USG FLEX H series firmware versions from 1.10 through 1.10 Patch 1 could allow an authenticated IPSec VPN user to cause DoS conditions against the “deviceid” daemon by sending a crafted hostname to an affected device if it has the “Device Insight” feature enabled. | |||||
| CVE-2024-9677 | 1 Zyxel | 6 Uos, Usg Flex 100h, Usg Flex 200h and 3 more | 2024-12-05 | N/A | 5.5 MEDIUM |
| The insufficiently protected credentials vulnerability in the CLI command of the USG FLEX H series uOS firmware version V1.21 and earlier versions could allow an authenticated local attacker to gain privilege escalation by stealing the authentication token of a login administrator. Note that this attack could be successful only if the administrator has not logged out. | |||||